CVE-2018-25201

Received Received - Intake

SQL Injection in School Management System CMS 1.0 Admin Login Enables Authentication Bypass

Publication date: 2026-03-26

Last updated on: 2026-03-27

Assigner: VulnCheck

Description

School Management System CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious payloads using boolean-based blind SQL injection techniques to the processlogin endpoint to authenticate as administrator without valid credentials.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-03-26

Last Modified

2026-03-27

Generated

2026-06-16

AI Q&A

2026-03-26

EPSS Evaluated

2026-06-14

NVD

CVE-2018-25201

EUVD

EUVD-2018-21661

Affected Vendors & Products

Vendor	Product	Version / Range
wecodex	school_management_system_cms	1.0

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-89	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

CWE ID

Description

CWE-89

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Attack-Flow Graph

Executive Summary

CVE-2018-25201 is an SQL injection vulnerability found in the School Management System CMS version 1.0 and earlier. It exists in the admin login functionality, specifically in the username parameter of the processlogin endpoint.

Attackers can exploit this flaw by injecting malicious SQL code using boolean-based blind SQL injection techniques. This allows them to bypass authentication and gain administrator access without valid credentials.

The vulnerability arises because the application fails to properly sanitize user input before including it in SQL queries, making it susceptible to injection attacks.

Impact Analysis

This vulnerability allows an attacker to bypass the admin login authentication and gain unauthorized administrator access to the School Management System CMS.

With administrator access, the attacker can potentially access or modify sensitive data within the underlying database, compromise the integrity of the system, and exploit further latent vulnerabilities.

The impact includes a high confidentiality risk due to unauthorized data access, while integrity impact is low and availability is not affected.

Detection Guidance

This vulnerability can be detected by testing the admin login functionality, specifically the 'username' parameter of the processlogin endpoint, for SQL injection using boolean-based blind SQL injection techniques.

One approach is to send specially crafted POST requests to the endpoint `/school/maestro/index.php?view=processlogin` with payloads designed to trigger SQL injection responses.

For example, you can use curl or similar tools to send a payload like:

curl -X POST -d 'username=admin") RLIKE (SELECT (CASE WHEN (1=1) THEN 0x61646d696e ELSE 0x28 END)) AND ("YAQS"="YAQS'&password=any' http://target/school/maestro/index.php?view=processlogin

If the response differs based on the injected condition (true or false), it indicates the presence of a boolean-based blind SQL injection vulnerability.

Mitigation Strategies

Immediate mitigation steps include:

Restrict access to the admin login endpoint to trusted IP addresses or networks to reduce exposure.
Implement input validation and sanitization on the 'username' parameter to prevent SQL injection.
Use parameterized queries or prepared statements in the backend code to safely handle user inputs.
Monitor logs for suspicious login attempts or unusual patterns that may indicate exploitation attempts.

Ultimately, update or patch the School Management System CMS to a version where this vulnerability is fixed or apply custom code fixes to prevent SQL injection.

Compliance Impact

The vulnerability allows attackers to bypass authentication and gain administrator access without valid credentials by exploiting an SQL injection flaw in the admin login functionality.

Such unauthorized access to administrative functions could potentially lead to unauthorized access to sensitive personal or protected data managed by the system.

This unauthorized access and potential data compromise may negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and proper access controls.

Hi! I’m here to help you understand CVE-2018-25201. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2018-25201

SQL Injection in School Management System CMS 1.0 Admin Login Enables Authentication Bypass

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart