{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2018-25379/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2018-25379"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["CMU 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2018-25379","web-application"],"_cs_type":"advisory","_cs_vendors":["Collectric"],"content_html":"\u003cp\u003eCollectric CMU 1.0 is susceptible to a boolean-based blind SQL injection vulnerability, identified as CVE-2018-25379, which resides within the \u0026rsquo;lang\u0026rsquo; parameter. This vulnerability allows unauthenticated attackers to inject arbitrary SQL code into login requests. By exploiting this flaw, attackers can manipulate database queries, potentially leading to the extraction of sensitive information from the database. The exploitation relies on time-based blind techniques, where the attacker infers the results of their injected SQL code based on the time it takes for the server to respond. This poses a significant threat to the confidentiality of the CMU 1.0 system and its data.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies the login page of Collectric CMU 1.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the login endpoint.\u003c/li\u003e\n\u003cli\u003eWithin the request, the attacker injects SQL code into the \u0026rsquo;lang\u0026rsquo; parameter.\u003c/li\u003e\n\u003cli\u003eThe server processes the request, executing the injected SQL code against the database.\u003c/li\u003e\n\u003cli\u003eUsing boolean-based blind techniques, the attacker infers the results of the injected SQL query by observing response times.\u003c/li\u003e\n\u003cli\u003eThe attacker iteratively refines the injected SQL code, attempting to extract sensitive information such as usernames, passwords, or other confidential data.\u003c/li\u003e\n\u003cli\u003eSuccessful exploitation leads to the unauthorized disclosure of sensitive information stored within the Collectric CMU 1.0 database.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2018-25379 can lead to the complete compromise of the Collectric CMU 1.0 system. Attackers could gain unauthorized access to sensitive user credentials and confidential data. The vulnerability could enable data breaches, identity theft, and unauthorized modifications to the system. The lack of authentication required to exploit this vulnerability increases the risk and potential impact.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply appropriate input validation and sanitization to the \u0026rsquo;lang\u0026rsquo; parameter to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2018-25379 Exploitation — SQL Injection via lang Parameter\u003c/code\u003e to identify attempts to exploit this vulnerability in web server logs.\u003c/li\u003e\n\u003cli\u003eImplement parameterized queries or prepared statements to prevent SQL injection vulnerabilities.\u003c/li\u003e\n\u003cli\u003eRegularly audit and assess web applications for SQL injection and other vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T14:17:09Z","date_published":"2026-05-26T14:17:09Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2018-25379-sqli/","summary":"Collectric CMU 1.0 is vulnerable to CVE-2018-25379, a boolean-based blind SQL injection, allowing unauthenticated attackers to manipulate database queries via the 'lang' parameter, potentially extracting sensitive information using time-based techniques.","title":"Collectric CMU 1.0 Boolean-Based Blind SQL Injection Vulnerability (CVE-2018-25379)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2018-25379-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2018-25379","version":"https://jsonfeed.org/version/1.1"}