CVE-2018-25176
SQL Injection and File Upload Flaws in Alive Parish
Publication date: 2026-03-06
Last updated on: 2026-03-06
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| alive_parish | alive_parish | to 2.0.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized access to sensitive database information through SQL injection.
Attackers can execute arbitrary SQL queries, potentially extracting or manipulating data.
The arbitrary file upload vulnerability can allow attackers to upload malicious files, which may lead to remote code execution on the server, compromising the entire system.
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2018-25176 affects Alive Parish version 2.0.4 and involves two critical security issues: an SQL injection vulnerability and an arbitrary file upload vulnerability.'}, {'type': 'paragraph', 'content': 'The SQL injection vulnerability allows unauthenticated attackers to inject malicious SQL code through the "key" parameter in the search endpoint, enabling them to execute arbitrary SQL queries on the database.'}, {'type': 'paragraph', 'content': 'The arbitrary file upload vulnerability exists in the person photo upload functionality, where attackers can upload arbitrary files to the images/uploaded directory without proper validation, potentially leading to remote code execution.'}] [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'The SQL injection vulnerability can be detected by sending crafted HTTP GET requests to the search endpoint with malicious SQL payloads in the key parameter and observing the server response for errors such as HTTP 500 Internal Server Error.'}, {'type': 'list_item', 'content': 'Send a request like: curl "http://localhost/[PATH]/parish/search?key=\' OR (SELECT 1 FROM (SELECT COUNT(*),CONCAT((SELECT database()),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- -"'}, {'type': 'paragraph', 'content': 'For the arbitrary file upload vulnerability, detection involves attempting to upload a test file via the photo upload endpoint and verifying if the file is stored in the images/uploaded directory.'}, {'type': 'list_item', 'content': 'Use a command like: curl -F "People[raw_photo][email protected]" http://localhost/[PATH]/person/photo/1 -v and then check if http://localhost/[PATH]/images/uploaded/testfile.php is accessible.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or restricting access to the vulnerable search and file upload endpoints to prevent exploitation.
Implement input validation and parameterized queries to prevent SQL injection attacks on the search functionality.
Restrict or disable the file upload feature, or enforce strict validation on uploaded files to prevent arbitrary file uploads and potential remote code execution.
Monitor web server logs for suspicious requests targeting the key parameter or file upload endpoints.