CVE-2018-25300
Received Received - Intake
Union-Based SQL Injection in XATABoost CMS 1.0.0

Publication date: 2026-04-29

Last updated on: 2026-04-29

Assigner: VulnCheck

Description
XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers can send GET requests to news.php with malicious id values to extract sensitive database information.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-29
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-30
EPSS Evaluated
2026-06-14
NVD
CVE-2018-25300
EUVD
EUVD-2018-21821
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
xataboost xataboost_cms to 1.0.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows unauthenticated attackers to extract sensitive database information through SQL injection. This exposure of sensitive data can lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require the protection of personal and sensitive information from unauthorized access.

Detection Guidance

This vulnerability can be detected by monitoring for suspicious GET requests to the news.php endpoint with unusual or malicious id parameter values that may indicate SQL injection attempts.

A common approach is to use web application security scanners or manual testing tools to send crafted GET requests to news.php with various SQL injection payloads in the id parameter and observe the responses for database errors or unexpected data leakage.

Example command using curl to test for SQL injection on the id parameter:

  • curl "http://targetsite/news.php?id=1' UNION SELECT NULL--"

If the response contains database error messages or unexpected data, it may indicate the presence of the vulnerability.

Mitigation Strategies

Immediate mitigation steps include:

  • Restrict or sanitize input on the id parameter in news.php to prevent SQL injection.
  • Implement parameterized queries or prepared statements in the application code to safely handle user input.
  • Apply web application firewall (WAF) rules to detect and block malicious SQL injection attempts targeting the id parameter.
  • Monitor logs for suspicious GET requests to news.php with unusual id values.
  • Update or patch the XATABoost CMS to a version that addresses this vulnerability once available.
Executive Summary

XATABoost CMS version 1.0.0 contains a union-based SQL injection vulnerability identified as CVE-2018-25300. This flaw allows unauthenticated attackers to inject malicious SQL code through the 'id' parameter in the 'news.php' file by sending specially crafted GET requests. Exploiting this vulnerability enables attackers to manipulate database queries and extract sensitive information from the database.

Impact Analysis

This vulnerability can have a significant impact as it allows attackers to access sensitive database information without authentication. By exploiting the SQL injection flaw, attackers can retrieve confidential data, potentially leading to data breaches, loss of user privacy, and unauthorized access to critical information stored in the database.

Detection Guidance

This vulnerability can be detected by monitoring for suspicious GET requests to the news.php file with manipulated 'id' parameter values that may indicate SQL injection attempts.

A practical approach is to use network traffic inspection tools or web server logs to identify such requests.

For example, you can use the following command to search web server logs for suspicious 'id' parameters:

  • grep -i "news.php?id=" /var/log/apache2/access.log | grep -E "(\'|\"|\;|\-\-|\bUNION\b)"

This command looks for requests to news.php with 'id' parameters containing common SQL injection payload indicators such as quotes, semicolons, comments, or the UNION keyword.

Additionally, tools like sqlmap can be used to test the vulnerability by targeting the 'id' parameter in news.php with crafted payloads.

Mitigation Strategies

Immediate mitigation steps include:

  • Restrict or block access to the vulnerable news.php endpoint if possible.
  • Implement input validation and sanitization on the 'id' parameter to prevent SQL injection.
  • Use prepared statements or parameterized queries in the backend code handling the 'id' parameter.
  • Monitor logs for suspicious activity targeting the 'id' parameter and respond accordingly.
  • If available, apply patches or updates from the vendor addressing this vulnerability.
Executive Summary

XATABoost CMS 1.0.0 has a union-based SQL injection vulnerability. This means that attackers who are not authenticated can inject malicious SQL code into the database queries by manipulating the 'id' parameter in requests.

Specifically, attackers can send crafted GET requests to the 'news.php' page with malicious 'id' values, which allows them to extract sensitive information from the database.

Impact Analysis

This vulnerability can allow attackers to access sensitive database information without any authentication.

Because the attack exploits SQL injection, it can lead to unauthorized data disclosure, potentially exposing confidential or personal data stored in the database.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25300. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart