CVE-2018-25410
SQL Injection in SIM-PKH Admin Panel
Publication date: 2026-05-30
Last updated on: 2026-05-30
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The SQL injection vulnerability in SIM-PKH 2.4.1 allows attackers to extract sensitive database information such as usernames, database names, and version details. This unauthorized access to sensitive data could lead to violations of data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches.
By enabling attackers to retrieve sensitive information through SQL injection, the vulnerability increases the risk of data breaches and non-compliance with standards that mandate strict controls on data confidentiality and integrity.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the SQL injection vulnerability in SIM-PKH 2.4.1, immediate steps include restricting access to the /admin/media.php endpoint, especially the parameters module=pengurus and act=editpengurus, to only trusted authenticated users.
Additionally, applying input validation and sanitization on the 'id' parameter to prevent injection of malicious SQL code is critical.
If available, upgrading to a fixed or patched version of SIM-PKH beyond 2.4.1 is recommended to fully resolve the issue.
Monitoring and logging access to the vulnerable endpoint can help detect potential exploitation attempts.
Can you explain this vulnerability to me?
CVE-2018-25410 is an SQL injection vulnerability in SIM-PKH version 2.4.1. It occurs in the 'id' parameter of the media.php file, specifically when accessed with the parameters module=pengurus and act=editpengurus. Authenticated attackers can inject malicious SQL code through this parameter by sending crafted GET requests, allowing them to execute arbitrary SQL queries on the backend database.
This injection enables attackers to extract sensitive database information such as usernames, database names, and version details by leveraging SQL UNION statements.
How can this vulnerability impact me? :
The vulnerability allows attackers to gain unauthorized access to sensitive database information, including usernames and database details. This can lead to further exploitation such as unauthorized data access, data leakage, or manipulation of database contents.
Since the attacker can execute arbitrary SQL commands, it may also facilitate privilege escalation or compromise of the entire application backend, potentially impacting the confidentiality and integrity of your data.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted GET requests to the vulnerable endpoint and observing the response for SQL injection behavior.
Specifically, you can test the /admin/media.php endpoint with parameters module=pengurus and act=editpengurus, injecting SQL UNION statements into the 'id' parameter.
An example command using curl to test for the vulnerability is:
- curl "http://[target]/admin/media.php?module=pengurus&act=editpengurus&id=-1' UniOn(sELect 0x283129,CONCAT(0x203a20,User(),DatabaSE(),VErsiON()),0x283329)--+"
If the response contains database user, database name, or version information, it indicates the presence of the SQL injection vulnerability.