CVE-2018-25403 in Open ISES Projectinformação

Sumário

de MITRE • 29/05/2026

The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to city_graph.php with crafted SQL payloads to extract sensitive database information including schema names and other data.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

29/05/2026

Divulgação

29/05/2026

Moderação

aceite

Entrada

VDB-367264

CPE

pronto

CWE

CWE-89 (confirmado)

Exploração

Descarregar

CVSS

8.2 (CNA)

EPSS

0.00068

KEV

não

Atividades

muito baixo

Sector

Hostingprovider, Chemical, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-25403
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-25403
CVE Details	https://www.cvedetails.com/cve/CVE-2018-25403/

◂ Voltar Visão Geral Próximo ▸

Do you need the next level of professionalism?

Upgrade your account now!