Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-k1pf-7arq-wudg
Vulnerability ID VCID-k1pf-7arq-wudg
Aliases CVE-2018-6843
Summary Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Kentico has SQL injection in the administration interface.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00247 https://api.first.org/data/v1/epss?cve=CVE-2018-6843
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2018-6843
https://gist.github.com/zamous/c0afd7e21f3111de873c7bef6dcd9dd7
CVE-2018-6843 https://nvd.nist.gov/vuln/detail/CVE-2018-6843
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.48161
EPSS Score 0.00247
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-02T04:37:36.102772+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Kentico.Libraries/CVE-2018-6843.yml 38.6.0