{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2018-25416/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2018-25416"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["AiOPMSD Final"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2018-25416","web-application"],"_cs_type":"advisory","_cs_vendors":["AiOPMSD"],"content_html":"\u003cp\u003eAiOPMSD Final 1.0.0 is susceptible to an SQL injection vulnerability (CVE-2018-25416) that allows unauthenticated attackers to execute arbitrary SQL queries. The vulnerability is located in the country parameter of the country.php file. By crafting malicious SQL payloads within the country parameter of a GET request, an attacker can potentially extract sensitive database information. This includes usernames, database names, and database version details. This vulnerability poses a significant risk to organizations using this software, as it can lead to data breaches and unauthorized access to sensitive information.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies an AiOPMSD Final 1.0.0 instance accessible over the internet.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious SQL injection payload to be delivered via the \u003ccode\u003ecountry\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eAttacker sends a GET request to \u003ccode\u003ecountry.php\u003c/code\u003e with the crafted SQL payload in the \u003ccode\u003ecountry\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize the \u003ccode\u003ecountry\u003c/code\u003e parameter input.\u003c/li\u003e\n\u003cli\u003eThe unsanitized input is passed directly into an SQL query.\u003c/li\u003e\n\u003cli\u003eThe database executes the attacker\u0026rsquo;s injected SQL code.\u003c/li\u003e\n\u003cli\u003eThe attacker retrieves sensitive database information, such as usernames, database names, and version details.\u003c/li\u003e\n\u003cli\u003eAttacker uses the extracted information for further malicious activities, such as gaining unauthorized access to the system or performing data exfiltration.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability can allow an attacker to extract sensitive information from the database, including usernames, database names, and version details. This can lead to a complete compromise of the application and its data, potentially resulting in significant financial losses, reputational damage, and legal liabilities. There is no mention of observed damage, specific victim counts, or targeted sectors in the source material.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect AiOPMSD SQL Injection Attempt via Country Parameter\u003c/code\u003e to your SIEM to detect suspicious GET requests to \u003ccode\u003ecountry.php\u003c/code\u003e (see rules).\u003c/li\u003e\n\u003cli\u003eInspect web server logs for GET requests to \u003ccode\u003ecountry.php\u003c/code\u003e with suspicious characters in the \u003ccode\u003ecountry\u003c/code\u003e parameter, such as SQL keywords and operators (see rules and logsource).\u003c/li\u003e\n\u003cli\u003eApply input validation and sanitization to the \u003ccode\u003ecountry\u003c/code\u003e parameter within the AiOPMSD application code to prevent SQL injection (reference CVE-2018-25416).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-30T16:20:07Z","date_published":"2026-05-30T16:20:07Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2018-25416-aiopmsd-sql-injection/","summary":"AiOPMSD Final 1.0.0 is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter via GET requests to country.php, enabling extraction of sensitive database information including usernames, database names, and version details.","title":"CVE-2018-25416 - AiOPMSD Final 1.0.0 Unauthenticated SQL Injection","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2018-25416-aiopmsd-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2018-25416","version":"https://jsonfeed.org/version/1.1"}