CVE-2018-25402
SQL Injection in Open ISES Project
Publication date: 2026-05-29
Last updated on: 2026-05-29
Assigner: VulnCheck
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open_ises_project | open_ises_project | 3.30A |
| open_ises_project | open_ises_project | to 3.30A (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
The Open ISES Project version 3.30A contains an SQL injection vulnerability in the file inc_types_graph.php. This flaw allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the p1 parameter.
Attackers exploit this by sending specially crafted GET requests to inc_types_graph.php, which can lead to extraction of sensitive database information such as schema names and other data.
The root cause is improper neutralization of special elements used in SQL commands, classified as CWE-89.
How can this vulnerability impact me?
This vulnerability can have serious impacts as it allows attackers to access sensitive database information without authentication.
- Attackers can extract schema names and other confidential data from the database.
- It may lead to unauthorized data disclosure and potential further exploitation of the system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious GET requests to the inc_types_graph.php file that include unusual or crafted SQL payloads in the p1 parameter.
A practical approach is to use network traffic analysis tools or web server logs to identify such requests.
- Use tools like curl or wget to test the endpoint with SQL injection payloads, for example: curl "http://target/inc_types_graph.php?p1=' OR '1'='1"
- Search web server logs for suspicious patterns, matching p1 wherever it appears in the query string: grep -E "inc_types_graph\.php\?([^ ]*&)?p1=" /var/log/apache2/access.log
- Use intrusion detection systems (IDS) or web application firewalls (WAF) with rules to detect SQL injection attempts targeting the p1 parameter.
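The log search described above can be tightened by URL-decoding the p1 value before matching, so that encoded and double-encoded input is caught as well. The following is an added example, not code from the advisory or from the Open ISES Project; the token list, the function names and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, unquote_plus, urlsplit

# Assumed heuristic, not from the advisory: characters and keywords that a
# benign p1 value is not expected to contain. Tune to the application's traffic.
SQLI_TOKENS = re.compile(
    r"['\";#]|--|/\*|\b(union|select|sleep|benchmark|information_schema|or|and)\b",
    re.IGNORECASE,
)
# Request field of an Apache common/combined log line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation IP addresses, invented timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /inc_types_graph.php?p1=12 HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jan/2025:10:00:05 +0000] "GET /inc_types_graph.php?p1=%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 2048',
    '198.51.100.7 - - [01/Jan/2025:10:00:09 +0000] "GET /inc_types_graph.php?x=1&p1=%2527%2520OR%2520%25271%2527%253D%25271 HTTP/1.1" 200 2048',
    '192.0.2.10 - - [01/Jan/2025:10:00:12 +0000] "GET /index.php?p1=%27 HTTP/1.1" 200 300',
]


def suspicious_p1(line):
    """Return the decoded p1 value if the request looks like an injection probe."""
    match = REQUEST.search(line)
    if not match:
        return None
    url = urlsplit(match.group("target"))
    if not unquote(url.path).lower().endswith("/inc_types_graph.php"):
        return None
    for raw in parse_qs(url.query, keep_blank_values=True).get("p1", []):
        value = unquote_plus(raw)  # second decode catches double-encoded input
        if SQLI_TOKENS.search(value):
            return value
    return None


def scan(lines):
    """Return (client_ip, decoded_p1) for each flagged line."""
    hits = []
    for line in lines:
        value = suspicious_p1(line)
        if value is not None:
            hits.append((line.split(" ", 1)[0], value))
    return hits


if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip}\tp1={value!r}")
```

To scan a real log, pass the open file to `scan()` in place of `SAMPLE_LOG`; a hit indicates a probe was sent, not that it succeeded.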
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable inc_types_graph.php file and applying input validation or sanitization on the p1 parameter to prevent SQL injection.
If possible, update the Open ISES Project to a version that addresses this vulnerability or apply patches provided by the vendor.
- Implement web application firewall (WAF) rules to block malicious SQL injection payloads targeting the p1 parameter.
- Monitor and block suspicious traffic patterns to the vulnerable endpoint.
- Restrict network access to the application to trusted users only until a fix is applied.