Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 18 May 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 17 May 2026 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Bylancer
Bylancer zechat |
|
| Vendors & Products |
Bylancer
Bylancer zechat |
Sun, 17 May 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques. Attackers can exploit the v parameter with sleep-based blind injection to confirm vulnerability and extract data. | |
| Title | Zechat 1.5 SQL Injection via v parameter (time-based blind) | |
| First Time appeared |
Zechat Project
Zechat Project zechat |
|
| Weaknesses | CWE-89 | |
| CPEs | cpe:2.3:a:zechat_project:zechat:1.5:*:*:*:*:*:*:* | |
| Vendors & Products |
Zechat Project
Zechat Project zechat |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-05-18T17:52:21.140Z
Reserved: 2026-05-17T12:06:26.103Z
Link: CVE-2018-25339
Updated: 2026-05-18T16:31:16.442Z
Status : Deferred
Published: 2026-05-17T13:16:45.710
Modified: 2026-06-17T01:55:15.760
Link: CVE-2018-25339
No data.
OpenCVE Enrichment
Updated: 2026-05-17T16:59:50Z