CVE-2018-25386

HaPe PKH 1.1 SQL Injection via id Parameter in admin/media.php

CVSS 8.8 HIGHEPSS 0.3%CWE-89

HaPe PKH 1.1 contains multiple SQL injection vulnerabilities in admin/media.php that allow attackers to manipulate database queries by injecting SQL code through the 'id' parameter. An unauthenticated attacker can exploit the desa module (module=desa&act=hapus), while authenticated users can exploit the pengurus, fasilitas, and kelompok modules (for example act=print, act=editpengurus, act=editfasilitas, and act=editkelompok). Successful exploitation allows extraction of sensitive database information including the current user, database name, and DBMS version.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Affected products

Sitejo · HaPe PKH

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/45588unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://sourceforge.net/projects/hape-pkh/files/latest/download https://www.exploit-db.com/exploits/45588 https://www.vulncheck.com/advisories/hape-pkh-sql-injection-via-id-parameter-in-admin-media-php http://www.sitejo.id