CVE-2018-25205
SQL Injection in ASP.NET jVideo Kit 1.0 Search Endpoint
Publication date: 2026-03-26
Last updated on: 2026-03-26
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mediasoft_pro | asp.net_jvideo_kit | to 1.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2018-25205 is a high-severity SQL injection vulnerability affecting ASP.NET jVideo Kit version 1.0 and earlier.
The vulnerability allows unauthenticated attackers to inject malicious SQL commands through the 'query' parameter in the search functionality, which can be accessed via GET or POST requests to the /search endpoint.
Attackers can exploit this flaw using boolean-based blind or error-based SQL injection techniques to extract sensitive information from the backend database.
How can this vulnerability impact me? :
This vulnerability can allow attackers to execute arbitrary SQL commands on the backend database without authentication.
As a result, attackers can extract sensitive database information, potentially leading to unauthorized data access or manipulation.
The impact includes a high confidentiality breach, while integrity impact is lower, and availability is not affected.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This SQL injection vulnerability can be detected by testing the 'query' parameter in the /search endpoint using specially crafted SQL payloads via GET or POST requests.
- Use a GET request with a payload like: http://your-target.com/search?query=test%' AND 3923=3923 AND '%'=' to check for boolean-based blind SQL injection.
- Use a POST request with payload: Query=test%' AND 3923=3923 AND '%'=' to test the same injection point.
- Try error-based SQL injection payloads targeting Microsoft SQL Server, for example: query=test%' AND 1603 IN (SELECT (CHAR(113)+CHAR(107)+CHAR(113)+CHAR(122)+CHAR(113)+(SELECT (CASE WHEN (1603=1603) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(122)+CHAR(113)+CHAR(113))) AND '%'='
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The SQL injection vulnerability in ASP.NET jVideo Kit 1.0 allows unauthenticated attackers to extract sensitive information from the backend database. This unauthorized access to sensitive data can lead to violations of data protection regulations such as GDPR and HIPAA, which require the protection of personal and sensitive information from unauthorized disclosure.
By enabling attackers to access or manipulate sensitive data, this vulnerability undermines the confidentiality and integrity requirements mandated by these standards, potentially resulting in non-compliance and associated legal or financial penalties.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the SQL injection vulnerability in ASP.NET jVideo Kit 1.0, immediate steps include:
- Restrict or disable access to the /search endpoint until a fix is applied.
- Implement input validation and sanitization on the 'query' parameter to prevent injection of malicious SQL commands.
- Use parameterized queries or prepared statements in the backend code handling the search functionality.
- Monitor and analyze logs for suspicious GET or POST requests targeting the 'query' parameter.
- Apply any available patches or updates from the vendor or consider upgrading to a version without this vulnerability.