{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2018-25429/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.1,"id":"CVE-2018-25429"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Paroiciel 11.20"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2018-25429","web-application"],"_cs_type":"advisory","_cs_vendors":["Paroiciel"],"content_html":"\u003cp\u003eParoiciel 11.20 is susceptible to an SQL injection vulnerability (CVE-2018-25429) that allows authenticated attackers to execute arbitrary SQL queries. The flaw stems from insufficient sanitization of the \u003ccode\u003ezProIdPro\u003c/code\u003e parameter in the \u003ccode\u003ezpro.php\u003c/code\u003e script: the value is incorporated into a database query without being validated or bound as a parameter, so anything appended to it becomes part of the statement. By sending crafted SQL payloads in GET requests, an attacker can extract sensitive information, including usernames, database schemas, and version details. The vulnerability was reported on 2026-06-01 and poses a significant risk to systems running the affected version of Paroiciel. At the time of publication this feed records no public proof of concept and no known exploitation in the wild, but the attack is straightforward for anyone holding valid credentials.
Exploitation of this vulnerability could lead to unauthorized access to sensitive data, compromising the confidentiality and, to a lesser degree, the integrity of the application and its underlying database.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn authenticated attacker identifies the vulnerable \u003ccode\u003ezpro.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts an SQL payload designed to extract sensitive information.\u003c/li\u003e\n\u003cli\u003eThe attacker places the payload in the \u003ccode\u003ezProIdPro\u003c/code\u003e parameter of a GET request to \u003ccode\u003ezpro.php\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe server-side application fails to sanitize the input and passes the attacker-controlled SQL to the database.\u003c/li\u003e\n\u003cli\u003eThe database executes the injected statement.\u003c/li\u003e\n\u003cli\u003eThe database returns the results, which may include usernames, database schemas, or version information.\u003c/li\u003e\n\u003cli\u003eThe attacker reads the sensitive information out of the HTTP response.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the extracted information to further compromise the system or gain unauthorized access to other resources.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability (CVE-2018-25429) in Paroiciel 11.20 can lead to the disclosure of sensitive database information. This could include usernames, passwords (or their hashes), database schemas, and other confidential data. The CVSS v3.1 score of 7.1 reflects high confidentiality impact and limited integrity impact for an attacker who already holds valid credentials.
Information harvested this way (account names, schema details, database version) is typically the groundwork for follow-on attacks such as credential abuse or privilege escalation, so a successful exploit can end in a data breach and reputational damage.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix the root cause in \u003ccode\u003ezpro.php\u003c/code\u003e: build the query with parameterized statements (prepared statements with bound values) and enforce a strict type check on \u003ccode\u003ezProIdPro\u003c/code\u003e before it is used; input filtering alone is a weaker second line of defence against CVE-2018-25429.\u003c/li\u003e\n\u003cli\u003eCheck with the vendor for a release that corrects CVE-2018-25429 and upgrade from 11.20. Until then, limit which accounts can reach \u003ccode\u003ezpro.php\u003c/code\u003e, since the attack requires an authenticated session.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule provided with this brief to detect SQL injection attempts targeting the \u003ccode\u003ezProIdPro\u003c/code\u003e parameter in \u003ccode\u003ezpro.php\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for GET requests to \u003ccode\u003ezpro.php\u003c/code\u003e whose \u003ccode\u003ezProIdPro\u003c/code\u003e value is not a plain identifier or contains SQL metacharacters and keywords (quotes, comment sequences, \u003ccode\u003eUNION\u003c/code\u003e, \u003ccode\u003eSELECT\u003c/code\u003e). URL-decode the value before matching: payloads are commonly encoded once or twice to slip past naive pattern checks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-06-01T22:17:36Z","date_published":"2026-06-01T22:17:36Z","id":"https://feed.craftedsignal.io/briefs/2026-06-cve-2018-25429-sql-injection/","summary":"Paroiciel 11.20 is vulnerable to SQL injection, allowing authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the zProIdPro parameter, potentially extracting sensitive database information.","title":"CVE-2018-25429: Paroiciel 11.20 SQL Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-06-cve-2018-25429-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2018-25429","version":"https://jsonfeed.org/version/1.1"}
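The bug class the brief describes (a request parameter spliced into SQL text) next to the parameterized fix it recommends, as an added example written for this brief. This is not Paroiciel's code: the in-memory SQLite schema, the table and column names, the assumption that `zProIdPro` is a numeric record ID, and the generic UNION-based probes are all constructed for the demonstration and do not reproduce any reported exploit.

```python
"""Vulnerable string-built query versus parameterized query, using SQLite.
Added illustration for the CVE-2018-25429 brief; schema and names are
constructed and do not come from Paroiciel."""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database standing in for the application's data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE pro (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE users (username TEXT, role TEXT);
        INSERT INTO pro VALUES (7, 'Project Seven');
        INSERT INTO users VALUES ('alice', 'admin'), ('bob', 'user');
        """
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, zProIdPro: str) -> list:
    """The bug class: the raw parameter becomes part of the SQL text, so a
    value such as '0 UNION SELECT ...' extends the statement."""
    sql = f"SELECT id, title FROM pro WHERE id = {zProIdPro}"
    return conn.execute(sql).fetchall()


def lookup_hardened(conn: sqlite3.Connection, zProIdPro: str) -> list:
    """The fix: reject anything that is not a decimal ID, then bind the value
    as a parameter so the database never parses it as SQL."""
    if not re.fullmatch(r"[0-9]{1,10}", zProIdPro):
        raise ValueError("zProIdPro must be a decimal record ID")
    sql = "SELECT id, title FROM pro WHERE id = ?"
    return conn.execute(sql, (int(zProIdPro),)).fetchall()


# Generic probes for the three data classes the brief mentions (usernames,
# schema, version). Constructed for this demo, not a reported payload.
PAYLOADS = {
    "usernames": "0 UNION SELECT 1, username FROM users",
    "schema": "0 UNION SELECT 1, sql FROM sqlite_master",
    "version": "0 UNION SELECT 1, sqlite_version()",
}


def demo() -> dict:
    """Run each probe through both code paths and report what came back."""
    conn = make_db()
    out = {}
    for name, payload in PAYLOADS.items():
        # Second column of each row is the attacker-chosen expression.
        out[name] = [row[1] for row in lookup_vulnerable(conn, payload)]
    try:
        lookup_hardened(conn, PAYLOADS["usernames"])
        out["hardened_blocked"] = False
    except ValueError:
        out["hardened_blocked"] = True
    out["hardened_ok"] = lookup_hardened(conn, "7")  # legitimate lookup still works
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The type check and the bound parameter each close the hole on their own; keeping both means a future change to the column type (for example, allowing string keys) does not silently reopen it.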
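The log-monitoring recommendation worked into a small scanner, as an added example for this brief rather than CraftedSignal's Sigma rule or any Paroiciel tooling. It parses Apache/nginx combined-format access lines, scopes to GET requests for `zpro.php`, URL-decodes `zProIdPro` repeatedly so double-encoded payloads are not missed, and flags values that are not a plain numeric ID. The log lines, client addresses and the expectation that a legitimate `zProIdPro` is a decimal number are constructed assumptions; the indicator list is illustrative and should be tuned to real traffic.

```python
"""Scan access logs for suspicious zProIdPro values on zpro.php requests.
Added example for the CVE-2018-25429 brief; sample log lines are constructed."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Combined log format: client ident user [time] "METHOD target PROTO" status bytes ...
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Illustrative SQL injection indicators: keywords, tautologies, timing
# functions, comment sequences and quote characters. Tune for your traffic.
SQLI_RE = re.compile(
    r"(\bunion\b.*\bselect\b|\bselect\b.*\bfrom\b|\bor\b\s+\d+\s*=\s*\d+|"
    r"\bsleep\s*\(|\bbenchmark\s*\(|information_schema|--|/\*|;|')",
    re.IGNORECASE,
)


def decode_fully(value: str, rounds: int = 3) -> str:
    """URL-decode until stable so %2527 -> %27 -> ' is seen as a quote."""
    for _ in range(rounds):
        decoded = unquote(value.replace("+", " "))
        if decoded == value:
            break
        value = decoded
    return value


def inspect_line(line: str):
    """Return (client, decoded value, reason) for a suspicious zpro.php
    request, or None when the line is not of interest."""
    m = LOG_RE.match(line)
    if not m or m.group("method") != "GET":
        return None
    url = urlsplit(m.group("target"))
    if not url.path.lower().endswith("/zpro.php"):
        return None
    # parse_qs performs one round of decoding; decode_fully handles the rest.
    values = parse_qs(url.query, keep_blank_values=True).get("zProIdPro")
    if not values:
        return None
    for raw in values:
        value = decode_fully(raw)
        if re.fullmatch(r"[0-9]{1,10}", value):
            continue  # a plain record ID is the expected shape
        if SQLI_RE.search(value):
            return (m.group("client"), value, "sql-injection indicators")
        return (m.group("client"), value, "non-numeric zProIdPro")
    return None


def scan(lines):
    """Run inspect_line over an iterable of log lines and keep the hits."""
    return [hit for hit in map(inspect_line, lines) if hit]


# Constructed sample: one benign lookup, a UNION probe, a double-encoded
# tautology, unrelated noise on another script, and a malformed ID.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jun/2026:10:00:01 +0000] "GET /zpro.php?zProIdPro=42 HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [01/Jun/2026:10:00:07 +0000] "GET /zpro.php?zProIdPro=42%20UNION%20SELECT%20username,1%20FROM%20users-- HTTP/1.1" 200 1534 "-" "curl/8.0"',
    '10.0.0.9 - - [01/Jun/2026:10:00:09 +0000] "GET /zpro.php?zProIdPro=42%2527%2520OR%25201%253D1 HTTP/1.1" 500 213 "-" "curl/8.0"',
    '10.0.0.7 - - [01/Jun/2026:10:00:11 +0000] "GET /index.php?q=union+select HTTP/1.1" 200 90 "-" "Mozilla/5.0"',
    '10.0.0.8 - - [01/Jun/2026:10:00:12 +0000] "GET /zpro.php?zProIdPro=abc HTTP/1.1" 404 120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, value, reason in scan(SAMPLE_LOG):
        print(f"{client}: {reason}: {value!r}")
```

Two design choices worth keeping when this is turned into a production rule: flag any non-numeric value, not only keyword matches, because that catches probing that an indicator list misses, and match on the decoded value, because the raw request line for the double-encoded case contains no quote or keyword at all.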