CVE-2019-25433
SQL Injection in XOOPS CMS 2.5.9 Allows Data Extraction
Publication date: 2026-02-22
Last updated on: 2026-02-22
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xoops | cms | 2.5.9 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
XOOPS CMS version 2.5.9 contains an SQL injection vulnerability in the gerar_pdf.php script, specifically through the cid parameter.
This vulnerability allows unauthenticated attackers to inject malicious SQL code by sending specially crafted GET requests to the gerar_pdf.php endpoint.
By exploiting this flaw, attackers can manipulate database queries, potentially extracting sensitive information from the database without authorization.
How can this vulnerability impact me? :
The SQL injection vulnerability can lead to unauthorized access to sensitive database information.
Attackers can exploit this flaw to extract confidential data, which may include user information or other critical content stored in the database.
Since the vulnerability is exploitable without authentication, it poses a high risk of data compromise and potential database manipulation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This SQL injection vulnerability in XOOPS CMS 2.5.9 can be detected by monitoring for suspicious GET requests to the gerar_pdf.php endpoint with the cid parameter containing potentially malicious SQL code.'}, {'type': 'paragraph', 'content': 'One method to identify vulnerable instances is to use Google dorks such as "inurl:gerar_pdf.php inurl:modules" to locate XOOPS installations exposing this endpoint.'}, {'type': 'paragraph', 'content': 'On your system or network, you can use tools like curl or wget to send crafted GET requests to the gerar_pdf.php script with various cid parameter values to test for SQL injection responses.'}, {'type': 'list_item', 'content': 'Example curl command to test the vulnerability: curl "http://targetsite.com/patch/modules/patch/gerar_pdf.php?cid=1\' OR \'1\'=\'1"'}, {'type': 'list_item', 'content': 'Use network monitoring tools or web application firewalls (WAF) logs to detect unusual or repeated requests to gerar_pdf.php with suspicious cid parameters.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the gerar_pdf.php endpoint, especially to unauthenticated users, to prevent exploitation.
Implement input validation and sanitization on the cid parameter to prevent SQL injection attacks.
If possible, apply patches or updates from XOOPS CMS that address this vulnerability or upgrade to a newer, secure version.
Use web application firewalls (WAF) to detect and block malicious SQL injection attempts targeting the cid parameter.
Monitor logs for suspicious activity related to gerar_pdf.php and respond promptly to any detected exploitation attempts.