{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2018-25319/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.1,"id":"CVE-2018-25319"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["MyEvents Addon 2.2.1"],"_cs_severities":["high"],"_cs_tags":["sqli","cve-2018-25319","redaxo"],"_cs_type":"advisory","_cs_vendors":["Redaxo"],"content_html":"\u003cp\u003eRedaxo CMS is vulnerable to SQL injection in the MyEvents Addon version 2.2.1. CVE-2018-25319 allows authenticated attackers to inject arbitrary SQL commands via the \u003ccode\u003emyevents_id\u003c/code\u003e parameter. Successful exploitation allows attackers to manipulate database queries, potentially leading to information disclosure or data modification. This vulnerability requires the attacker to be authenticated, limiting the scope of potential attackers. However, exploitation is relatively straightforward, involving crafted GET requests.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker authenticates to the Redaxo CMS instance.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious GET request targeting the \u003ccode\u003e/redaxo/index.php?addon=myevents\u0026amp;page=event_add\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe crafted GET request includes a \u003ccode\u003emyevents_id\u003c/code\u003e parameter containing an SQL injection payload. For example, \u003ccode\u003emyevents_id=1' AND 1=1;--\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe web application processes the request and executes the injected SQL code against the database.\u003c/li\u003e\n\u003cli\u003eThe injected SQL query allows the attacker to extract sensitive information such as usernames, passwords, or other database content.\u003c/li\u003e\n\u003cli\u003eThe attacker analyzes the retrieved data to identify further attack vectors or sensitive information.\u003c/li\u003e\n\u003cli\u003eThe attacker modifies database records to escalate privileges or deface the website.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability (CVE-2018-25319) can lead to unauthorized access to sensitive data, including user credentials and confidential information stored in the Redaxo CMS database. Attackers could potentially escalate their privileges, modify website content, or compromise the entire system. The severity is rated as High with a CVSS score of 7.1.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply any available patches or updates for the Redaxo CMS MyEvents Addon to remediate CVE-2018-25319.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2018-25319 Exploitation — Redaxo MyEvents SQL Injection\u003c/code\u003e to identify exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious GET requests to \u003ccode\u003e/redaxo/index.php?addon=myevents\u0026amp;page=event_add\u003c/code\u003e with unusual characters in the \u003ccode\u003emyevents_id\u003c/code\u003e parameter (see IOCs).\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization for all user-supplied data, especially for parameters used in database queries.\u003c/li\u003e\n\u003cli\u003eEnforce least privilege principles to limit the impact of potential SQL injection attacks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-17T13:18:01Z","date_published":"2026-05-17T13:18:01Z","id":"https://feed.craftedsignal.io/briefs/2026-05-redaxo-sqli/","summary":"Redaxo CMS Addon MyEvents version 2.2.1 contains an SQL injection vulnerability (CVE-2018-25319) that allows authenticated attackers to manipulate database queries by injecting SQL code through the myevents_id parameter, enabling the extraction or modification of sensitive database information.","title":"Redaxo CMS MyEvents Addon SQL Injection Vulnerability (CVE-2018-25319)","url":"https://feed.craftedsignal.io/briefs/2026-05-redaxo-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2018-25319","version":"https://jsonfeed.org/version/1.1"}