Tag
eNdonesia Portal version 8.7 is vulnerable to SQL injection (CVE-2018-25405), allowing unauthenticated attackers to execute arbitrary SQL queries through the artid, cid, did, contid, and aboutid parameters in mod.php, potentially leading to the extraction of sensitive database information.