CVE-2018-25204

HighPublic PoC

Published: 26 March 2026

Published

26 March 2026

Modified

31 March 2026

KEV Added

—

Patch

—

CVSS Score 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

EPSS Score 0.0049 65.5th percentile

Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Description

Library CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can send POST requests to the admin login endpoint with boolean-based blind SQL injection payloads in…

the username field to manipulate database queries and gain unauthorized access.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly requires validation of the username input parameter to block SQL injection payloads in admin login POST requests, preventing query manipulation and authentication bypass.

IA-2 Identification and Authentication (Organizational Users) partial match

prevent

Mandates secure identification and authentication for users, addressing authentication bypass via SQL injection in the admin login endpoint.

AC-3 Access Enforcement partial match

prevent

Enforces logical access controls to mitigate unauthorized access gained by exploiting SQL injection to manipulate database queries during login.

Security SummaryAI

CVE-2018-25204 is an SQL injection vulnerability (CWE-89) in Library CMS 1.0, a PHP and MySQL-based library management system. The flaw resides in the admin login endpoint, where the username parameter is vulnerable to injection of SQL code, enabling attackers to manipulate database queries.

Unauthenticated remote attackers can exploit this vulnerability by sending POST requests to the admin login endpoint with boolean-based blind SQL injection payloads in the username field. Successful exploitation allows bypassing authentication and gaining unauthorized access to the system. The CVSS v3.1 base score is 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N), reflecting high confidentiality impact with low integrity impact and no availability impact.

Advisories and additional details are provided in references including an exploit PoC at https://www.exploit-db.com/exploits/44728, a VulnCheck advisory at https://www.vulncheck.com/advisories/library-cms-sql-injection-via-admin-login, and the software source at https://www.wecodex.com/item/view/library-management-system-in-php-and-mysql/1.

Details

CWE(s): CWE-89

Affected Products

wecodex

library cms

1.0

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE-2018-25204 is an unauthenticated SQL injection in a public-facing web application's admin login endpoint, directly enabling exploitation of public-facing applications for authentication bypass and unauthorized access.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://www.exploit-db.com/exploits/44728
Exploit, VDB Entry, Third Party Advisory · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/library-cms-sql-injection-via-admin-login
Third Party Advisory · disclosure@vulncheck.com
https://www.wecodex.com/item/view/library-management-system-in-php-and-mysql/1
Broken Link · disclosure@vulncheck.com