CVE-2018-25405
SQL Injection in eNdonesia Portal 8.7
Publication date: 2026-05-30
Last updated on: 2026-05-30
Assigner: VulnCheck
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in eNdonesia Portal 8.7 involves multiple SQL injection flaws. These allow attackers who are not authenticated to inject malicious SQL code through specific parameters in the mod.php file.
- The vulnerable parameters include artid, cid, did, contid, and aboutid.
By exploiting these injection points, attackers can execute arbitrary SQL queries on the database.
This can lead to extraction of sensitive information such as usernames, database names, and version details.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthenticated attackers to execute arbitrary SQL queries and extract sensitive database information such as usernames, database names, and version details.
This unauthorized access to sensitive data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP requests with SQL injection payloads to the vulnerable parameters such as artid, cid, did, contid, and aboutid in mod.php.
For example, you can use curl commands to test the 'artid' parameter for SQL injection by injecting typical SQL payloads and observing the response for database errors or unexpected data.
- curl "http://targetsite/mod.php?artid=1' OR '1'='1"
- curl "http://targetsite/mod.php?cid=1' UNION SELECT NULL, version(), NULL-- "
Monitoring network traffic for unusual or suspicious HTTP requests targeting these parameters can also help detect exploitation attempts.
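The monitoring described above can also be run over web server access logs. The following is an added example, not code from the advisory or the eNdonesia project: it flags requests to mod.php where any of the five named parameters carries a non-numeric value. It assumes legitimate values are plain integer IDs and that logs are in common/combined format; the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters named in the advisory text above.
WATCHED = {"artid", "cid", "did", "contid", "aboutid"}

# Assumption: legitimate values are plain integer IDs, so anything else is suspect.
NUMERIC = re.compile(r"\d{1,10}")

# Request field of a common/combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[\d.]+"')


def suspicious_params(line):
    """Return [(param, decoded_value), ...] for watched mod.php params that are not numeric."""
    m = REQUEST.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/mod.php"):
        return []
    # parse_qsl percent-decodes, so encoded quotes and spaces are compared in clear.
    pairs = parse_qsl(url.query, keep_blank_values=True)
    return [(k, v) for k, v in pairs if k.lower() in WATCHED and not NUMERIC.fullmatch(v)]


def scan(lines):
    """Yield (client_ip, param, value) for every flagged request."""
    for line in lines:
        ip = line.split(" ", 1)[0]
        for param, value in suspicious_params(line):
            yield ip, param, value


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [30/May/2026:10:00:01 +0000] "GET /mod.php?artid=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [30/May/2026:10:00:05 +0000] "GET /mod.php?artid=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 20480',
    '198.51.100.7 - - [30/May/2026:10:00:09 +0000] "GET /mod.php?cid=1%27+UNION+SELECT+NULL HTTP/1.1" 500 312',
    '192.0.2.10 - - [30/May/2026:10:00:12 +0000] "GET /index.php?cid=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, param, value in scan(SAMPLE):
        print(f"{ip}\t{param}\t{value!r}")
```

Parameters sent in a POST body do not appear in access logs, so this covers query-string traffic only.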
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying input validation and sanitization on all parameters vulnerable to SQL injection, such as artid, cid, did, contid, and aboutid.
If a patch or updated version of eNdonesia Portal 8.7 is available that fixes the SQL injection issues, it should be applied immediately.
As a temporary measure, you can implement web application firewall (WAF) rules to block malicious SQL injection payloads targeting these parameters.
Restricting database user permissions to limit the impact of a successful injection can also help mitigate damage.
How can this vulnerability impact me?
This vulnerability can have serious impacts including unauthorized access to sensitive database information.
- Attackers can retrieve usernames, database names, and version details.
Such data exposure can lead to further attacks, data breaches, and compromise of the system's integrity.