CVE-2018-6605

CVE: CVE-2018-6605
Published: 2018-02-05T21:29Z
Vendor: zh_baidumap_project
Products: zh_baidumap
Versions: 3.0.0.1,
Description Language: en
Description: SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
References:
https://www.exploit-db.com/exploits/43974/