{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/mgb-opensource/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2018-25411"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Guestbook 0.7.0.2"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2018-25411","web-application"],"_cs_type":"advisory","_cs_vendors":["MGB OpenSource"],"content_html":"\u003cp\u003eMGB OpenSource Guestbook version 0.7.0.2 is vulnerable to SQL injection, as identified by CVE-2018-25411. This vulnerability allows unauthenticated attackers to inject malicious SQL code through the \u0026lsquo;id\u0026rsquo; parameter in GET requests sent to the email.php script. Successful exploitation of this vulnerability can allow attackers to extract sensitive data from the guestbook database, including table names, column names, and potentially user data. This can have serious implications for data privacy and system security, especially if the guestbook stores sensitive information. Defenders should prioritize patching or mitigating this vulnerability to prevent potential exploitation.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker identifies an MGB OpenSource Guestbook 0.7.0.2 installation.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious SQL injection payload.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a GET request to \u003ccode\u003eemail.php\u003c/code\u003e with the crafted SQL payload within the \u003ccode\u003eid\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eemail.php\u003c/code\u003e script processes the request without proper sanitization of the \u003ccode\u003eid\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe injected SQL code is executed against the guestbook database.\u003c/li\u003e\n\u003cli\u003eThe attacker retrieves sensitive database information, such as table names and column names.\u003c/li\u003e\n\u003cli\u003eThe attacker may further exploit the SQL injection to extract user data or modify database contents.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to sensitive information or control over the guestbook application.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2018-25411 can lead to unauthorized access to sensitive database information. This could include user credentials, personal details, or other confidential data stored within the MGB OpenSource Guestbook database. The number of affected installations is unknown. Sectors using this guestbook software are potentially vulnerable. A successful attack could result in data breaches, identity theft, or further compromise of the web server.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply patches or upgrades to MGB OpenSource Guestbook that address CVE-2018-25411, if the vendor provides any.\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization on the \u003ccode\u003eid\u003c/code\u003e parameter in \u003ccode\u003eemail.php\u003c/code\u003e to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect MGB OpenSource Guestbook SQL Injection via email.php\u003c/code\u003e to detect exploitation attempts.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious GET requests to \u003ccode\u003eemail.php\u003c/code\u003e containing SQL injection payloads.\u003c/li\u003e\n\u003cli\u003eRestrict access to the database server from the web server to only necessary accounts and privileges.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-30T16:19:17Z","date_published":"2026-05-30T16:19:17Z","id":"https://feed.craftedsignal.io/briefs/2026-05-mgb-guestbook-sqli/","summary":"MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability (CVE-2018-25411) that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter in GET requests to email.php, potentially leading to sensitive database information disclosure.","title":"MGB OpenSource Guestbook Unauthenticated SQL Injection (CVE-2018-25411)","url":"https://feed.craftedsignal.io/briefs/2026-05-mgb-guestbook-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — MGB OpenSource","version":"https://jsonfeed.org/version/1.1"}