CVE-2018-25400
SQL Injection in Open ISES Project via ajax/form_post.php
Publication date: 2026-05-29
Last updated on: 2026-05-29
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open_ises_project | open_ises_project | 3.30A |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability can have serious impacts including unauthorized access to sensitive database information.
- Attackers can extract database schema names and other confidential data.
- Since the vulnerability allows execution of arbitrary SQL commands without authentication, it can lead to data breaches.
- The integrity of the database could be compromised if attackers modify or delete data.
Can you explain this vulnerability to me?
The Open ISES Project version 3.30A contains a high-severity SQL injection vulnerability identified as CVE-2018-25400. This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the 'id' parameter in the form_post.php file.
Attackers exploit this flaw by sending specially crafted GET requests to the ajax/form_post.php endpoint, which enables them to manipulate the SQL queries executed by the application.
As a result, attackers can extract sensitive database information such as schema names and other data.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious GET requests to the ajax/form_post.php endpoint that include unusual or crafted SQL payloads in the 'id' parameter.
You can use network monitoring tools or web server logs to identify such requests.
- Use curl or similar tools to test the endpoint manually, for example: `curl "http://target-site/ajax/form_post.php?id=1' OR '1'='1"`
- Use grep or log analysis commands to search web server logs for suspicious patterns: `grep "form_post.php?id=" /var/log/apache2/access.log`
- Employ intrusion detection systems (IDS) or web application firewalls (WAF) that can detect SQL injection patterns in HTTP requests.
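The log check described above, as an added example that is not part of the original page or of the Open ISES code: a Python filter that parses access-log lines, URL-decodes the `id` parameter of requests to `ajax/form_post.php`, and flags any value that is not a plain integer. The combined log format, the assumption that legitimate `id` values are numeric, and the sample log lines are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: Apache/nginx "combined" access-log format.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>[^"]+?) HTTP/[\d.]+" (?P<status>\d{3})'
)
ENDPOINT = "/ajax/form_post.php"
# Assumption: a legitimate id is a short decimal integer.
BENIGN_ID = re.compile(r"\d{1,10}")
# SQL syntax hints, used only to label a finding; the allowlist above decides.
SQL_HINT = re.compile(r"['\"#;]|--|/\*|\b(?:union|select|or|and|sleep)\b", re.I)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [29/May/2026:10:00:01 +0000] "GET /ajax/form_post.php?id=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [29/May/2026:10:00:05 +0000] "GET /ajax/form_post.php?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 2048 "-" "curl/8.0"',
    '198.51.100.7 - - [29/May/2026:10:00:09 +0000] "GET /ajax/form_post.php?x=1&id=1%2527 HTTP/1.1" 500 120 "-" "curl/8.0"',
    '192.0.2.10 - - [29/May/2026:10:00:12 +0000] "GET /index.php?id=1%27 HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]

def suspicious_requests(lines):
    """Return one finding per non-numeric id sent to the affected endpoint."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable request line
        parts = urlsplit(m["target"])
        # endswith() tolerates installs under a sub-directory
        if not parts.path.lower().endswith(ENDPOINT):
            continue
        # parse_qs percent-decodes once and finds id at any position
        params = parse_qs(parts.query, keep_blank_values=True)
        for value in params.get("id", []):
            if BENIGN_ID.fullmatch(value):
                continue
            # Double-encoded input (e.g. %2527) still fails the allowlist
            reason = "sql-syntax" if SQL_HINT.search(value) else "non-numeric"
            findings.append({"ip": m["ip"], "status": m["status"],
                             "id": value, "reason": reason})
    return findings

if __name__ == "__main__":
    for finding in suspicious_requests(SAMPLE_LOG):
        print(finding)
```

Unlike the plain grep, this catches requests where `id` is not the first query parameter and reports the decoded value, so encoded payloads are visible during triage.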
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable ajax/form_post.php endpoint and applying input validation or sanitization on the 'id' parameter to prevent SQL injection.
If a patch or updated version of the Open ISES Project is available, apply it promptly.
Additionally, consider implementing a web application firewall (WAF) to block malicious SQL injection attempts targeting this endpoint.