CVE-2018-25430
SQL Injection in Paroiciel 11.20 via eGeqIdEquipe Parameter
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| paroiciel | 11.20 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eGeqIdEquipe parameter.
Attackers can send specially crafted GET requests to the egeq.php endpoint with SQL payloads to extract sensitive database information, including version details and other data.
How can this vulnerability impact me? :
This vulnerability can allow attackers with authentication to execute arbitrary SQL commands on the database.
As a result, attackers may extract sensitive information from the database, such as version details and other confidential data, potentially leading to data breaches or further exploitation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious GET requests to the egeq.php endpoint that include the eGeqIdEquipe parameter with potentially malicious SQL injection payloads.
Commands to detect this may include using network traffic analysis tools or web server logs to search for unusual or crafted SQL code in the eGeqIdEquipe parameter.
- Use grep or similar tools on web server logs to find requests to egeq.php with suspicious eGeqIdEquipe values, for example: grep 'egeq.php' access.log | grep 'eGeqIdEquipe='
- Use network monitoring tools like tcpdump or Wireshark to capture HTTP GET requests and filter for egeq.php endpoint usage.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the egeq.php endpoint to only trusted authenticated users, as the vulnerability requires authentication.
Additionally, input validation and parameter sanitization should be implemented on the eGeqIdEquipe parameter to prevent SQL injection.
If possible, apply patches or updates from the vendor that address this vulnerability.
As a temporary measure, monitor and block suspicious requests targeting the egeq.php endpoint.