CVE-2019-25299
SQL Injection in RimbaLinux AhadPOS 'alamatCustomer' Parameter
Publication date: 2026-02-06
Last updated on: 2026-02-06
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rimbalinux | ahadpos | 1.11 |
| rimbalinux | ahadpos | to 1.11 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2019-25299 is a high-severity SQL injection vulnerability affecting RimbaLinux AhadPOS version 1.11 and earlier. The flaw exists in the 'alamatCustomer' parameter, which can be exploited via crafted POST requests to manipulate SQL queries."}, {'type': 'paragraph', 'content': 'Attackers can use time-based and boolean-based blind SQL injection techniques to extract sensitive information or interact with the underlying database. Time-based injection uses delays in database responses to infer data, while boolean-based injection manipulates query logic to observe different application behaviors.'}] [1, 2]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': "This vulnerability allows attackers to manipulate database queries through the vulnerable 'alamatCustomer' parameter, potentially extracting sensitive information from the database."}, {'type': 'paragraph', 'content': 'Exploitation can lead to unauthorized access to confidential data, which may result in data breaches or compromise of the underlying database integrity.'}, {'type': 'paragraph', 'content': 'Because the attack can be performed remotely over the network with low complexity and no user interaction, it poses a significant risk to affected systems.'}] [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "The vulnerability can be detected by testing the 'alamatCustomer' POST parameter for SQL injection using time-based and boolean-based blind SQL injection techniques."}, {'type': 'paragraph', 'content': "One method involves sending crafted POST requests that include payloads using MySQL's SLEEP() function to observe delays in response times, indicating a time-based blind SQL injection."}, {'type': 'paragraph', 'content': 'For example, a payload could be injected that causes the database to sleep for 5 seconds if a condition is true, allowing detection by measuring response delays.'}, {'type': 'paragraph', 'content': "Boolean-based blind SQL injection can be tested by injecting logical conditions (e.g., OR 4127=4127) into the 'alamatCustomer' parameter and observing changes in application behavior or responses."}, {'type': 'paragraph', 'content': "These tests can be performed using tools like curl or specialized SQL injection testing tools by crafting POST requests with the malicious payloads in the 'alamatCustomer' parameter."}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
I don't know