{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2018-25430/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.1,"id":"CVE-2018-25430"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Paroiciel 11.20"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2018-25430","web-application"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eParoiciel 11.20 is susceptible to an SQL injection vulnerability identified as CVE-2018-25430. Authenticated attackers can exploit this vulnerability by injecting malicious SQL code via the eGeqIdEquipe parameter. Successful exploitation allows attackers to execute arbitrary SQL queries. The vulnerability was reported on June 1, 2026. Successful exploitation can lead to the extraction of sensitive database information, including version details and other critical data. This poses a significant risk to organizations using the affected software.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker authenticates to the Paroiciel 11.20 application.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious SQL payload designed to extract sensitive data.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a GET request to the \u003ccode\u003eegeq.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eeGeqIdEquipe\u003c/code\u003e parameter within the GET request is injected with the malicious SQL payload.\u003c/li\u003e\n\u003cli\u003eThe Paroiciel application processes the crafted GET request without proper sanitization of the \u003ccode\u003eeGeqIdEquipe\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe injected SQL payload is executed against the underlying database.\u003c/li\u003e\n\u003cli\u003eSensitive information, such as database version details, is extracted by the attacker.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of the SQL injection vulnerability (CVE-2018-25430) in Paroiciel 11.20 can lead to the unauthorized disclosure of sensitive database information. This could include user credentials, configuration details, and other confidential data stored within the database. The CVSS v3.1 base score for this vulnerability is 7.1, indicating a high severity.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply available patches or upgrade to a secure version of Paroiciel to remediate CVE-2018-25430.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2018-25430 Exploitation Attempt via eGeqIdEquipe Parameter\u0026rdquo; to identify potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization for all user-supplied input, especially the \u003ccode\u003eeGeqIdEquipe\u003c/code\u003e parameter, to prevent SQL injection attacks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-06-01T22:17:49Z","date_published":"2026-06-01T22:17:49Z","id":"https://feed.craftedsignal.io/briefs/2026-06-cve-2018-25430-sql-injection/","summary":"Paroiciel 11.20 contains an SQL injection vulnerability (CVE-2018-25430) that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eGeqIdEquipe parameter, potentially leading to sensitive data extraction.","title":"CVE-2018-25430: Paroiciel 11.20 SQL Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-06-cve-2018-25430-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2018-25430","version":"https://jsonfeed.org/version/1.1"}