CVE-2018-25401
SQL Injection in Open ISES Project via p1 Parameter
Publication date: 2026-05-29
Last updated on: 2026-05-29
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open_ises_project | open_ises_project | 3.30A |
| open_ises_project | open_ises_project | 3.30 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The Open ISES Project version 3.30A contains a high-severity SQL injection vulnerability in the sever_graph.php file. This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the p1 parameter.
Attackers can exploit this flaw by sending crafted GET requests to sever_graph.php, which can lead to extraction of sensitive database information such as schema names and other data.
How can this vulnerability impact me? :
This vulnerability can have significant impacts as it allows attackers to access sensitive database information without authentication.
- Attackers can extract database schema names and other sensitive data.
- The vulnerability has a high CVSS score (8.8), indicating a serious risk to confidentiality.
- It can lead to unauthorized data disclosure and potential further exploitation of the system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious GET requests to the sever_graph.php file that include the p1 parameter with potentially malicious SQL payloads.
A practical approach is to inspect web server logs for requests matching the pattern: sever_graph.php?p1= followed by SQL injection attempts.
- Use command-line tools like grep to search logs for suspicious requests, for example: grep "sever_graph.php?p1=" /var/log/apache2/access.log
- Use curl or wget to test the endpoint with crafted SQL payloads to verify if the system is vulnerable.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or filtering access to sever_graph.php to prevent unauthenticated requests with malicious p1 parameters.
Implement input validation and parameterized queries in the application code to prevent SQL injection.
If possible, apply any available patches or updates from the Open ISES Project that address this vulnerability.
Monitor logs for suspicious activity and consider temporarily disabling the affected functionality if it is not critical.