CVE-2018-25175
SQL Injection in Alienor Web Libre 2.0 Allows Data Exposure
Publication date: 2026-03-06
Last updated on: 2026-03-06
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| alienor_web_libre | 2.0 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Alienor Web Libre 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the identifiant parameter.
Attackers can submit crafted POST requests to the index.php file with SQL injection payloads in the identifiant field, which exploits improper input sanitization in the application.
This vulnerability enables attackers to extract sensitive database information such as usernames, database names, and version details by leveraging subqueries on database tables.
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': 'This vulnerability can lead to unauthorized disclosure of sensitive database information including usernames, database names, and version details.'}, {'type': 'paragraph', 'content': 'Because the vulnerability allows execution of arbitrary SQL queries without authentication, attackers can potentially access or manipulate sensitive data stored in the database.'}, {'type': 'paragraph', 'content': "Such unauthorized access can compromise the confidentiality and integrity of the affected system's data."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This SQL injection vulnerability can be detected by sending crafted POST requests to the index.php file with malicious SQL payloads in the identifiant parameter.'}, {'type': 'paragraph', 'content': 'A typical detection command involves using tools like curl to submit a POST request with an SQL injection payload to test if the application is vulnerable.'}, {'type': 'list_item', 'content': 'curl -X POST -d "identifiant=\' OR 1=1-- " http://targetsite/index.php'}, {'type': 'list_item', 'content': 'curl -X POST -d "identifiant=\' UNION SELECT user(), database(), version()-- " http://targetsite/index.php'}, {'type': 'paragraph', 'content': 'If the response contains database user names, database names, or version information, it indicates the presence of the SQL injection vulnerability.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing proper input validation and sanitization on the identifiant parameter to prevent SQL injection.
Using prepared statements or parameterized queries in the application code will help prevent injection of malicious SQL.
Additionally, restricting database user permissions to limit data exposure and monitoring web traffic for suspicious POST requests targeting index.php can reduce risk.
Applying any available patches or updates from the vendor is also recommended once they are released.