CVE-2018-25207
Received Received - Intake
SQL Injection in Online Quiz Maker 1.0 Enables Data Theft

Publication date: 2026-03-26

Last updated on: 2026-03-26

Assigner: VulnCheck

Description
Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to extract sensitive database information or bypass authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-26
Last Modified
2026-03-26
Generated
2026-06-16
AI Q&A
2026-03-26
EPSS Evaluated
2026-06-14
NVD
CVE-2018-25207
EUVD
EUVD-2018-21673
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hscripts online_quiz_maker 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2018-25207 is a SQL injection vulnerability in Online Quiz Maker version 1.0 affecting the 'catid' and 'usern' POST parameters. Authenticated attackers can submit malicious SQL payloads via these parameters to files like quiz-system.php and add-category.php. This allows them to execute arbitrary SQL commands on the backend database.

The vulnerability enables different types of SQL injection attacks, including boolean-based blind SQL injection, time-based blind SQL injection using MySQL's SLEEP() function, and UNION-based SQL injection to extract sensitive database information. Additionally, the application has Cross-Site Scripting (XSS) vulnerabilities that can be exploited further.

The flaw arises from improper input validation and insufficient protection in admin-related scripts, allowing attackers with some level of authentication to manipulate database queries and potentially bypass authentication mechanisms.

Impact Analysis

This vulnerability can have serious security impacts including unauthorized access to sensitive database information, such as user credentials or quiz data.

Attackers can manipulate or extract data from the database by executing arbitrary SQL commands, potentially leading to data disclosure or data tampering.

It also allows attackers to bypass authentication mechanisms, which could enable them to gain administrative privileges and fully control the quiz application.

Such control could lead to unauthorized modification or deletion of quiz content, disruption of service, and compromise of the integrity and availability of the application.

Detection Guidance

This vulnerability can be detected by sending crafted POST requests to the vulnerable parameters 'catid' and 'usern' in the files quiz-system.php and add-category.php, respectively, and observing the responses for signs of SQL injection.

  • Use boolean-based blind SQL injection tests by appending conditions like "AND 4815=4815" to the 'catid' POST parameter and checking if the response changes.
  • Perform time-based blind SQL injection by injecting payloads such as "AND SLEEP(5)" in the 'catid' or 'usern' POST parameters and measuring response delays.
  • Use UNION-based SQL injection by injecting UNION SELECT statements with appropriate columns to extract database information.

Example command using curl to test time-based SQL injection on 'catid':

  • curl -X POST -d "catid=1 AND SLEEP(5)" http://target/quiz-system.php

Example command using curl to test time-based SQL injection on 'usern':

  • curl -X POST -d "usern=testing' AND SLEEP(5) AND 'ZECL'='ZECL" http://target/add-category.php
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable application to trusted users only, especially since the vulnerability requires authenticated access.

Implement input validation and sanitization on the 'catid' and 'usern' POST parameters to prevent SQL injection attacks.

Apply web application firewall (WAF) rules to detect and block SQL injection payloads targeting these parameters.

If possible, update or patch the Online Quiz Maker application to a version that addresses these vulnerabilities.

Limit privileges of the database user used by the application to minimize the impact of a successful injection.

Monitor logs for suspicious POST requests to quiz-system.php and add-category.php that contain SQL injection patterns.

Compliance Impact

CVE-2018-25207 is an SQL injection vulnerability in Online Quiz Maker 1.0 that allows authenticated attackers to execute arbitrary SQL commands, potentially extracting sensitive database information or bypassing authentication.

Such vulnerabilities can lead to unauthorized access to sensitive data, which may include personal or confidential information stored in the database.

This unauthorized data access and potential data breach could negatively impact compliance with data protection regulations such as GDPR or HIPAA, which require safeguarding personal and sensitive information against unauthorized access and ensuring data confidentiality and integrity.

Therefore, exploitation of this vulnerability could result in violations of these standards due to failure to adequately protect sensitive data.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25207. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart