← Back
2026-03-26 11:39CVE-2018-25204VulnCheck
PUBLISHED5.2CWE-89

Library CMS 1.0 SQL Injection via admin login

Library CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can send POST requests to the admin login endpoint with boolean-based blind SQL injection payloads in the username field to manipulate database queries and gain unauthorized access.

Problem type

Affected products

Wecodex

Library CMS

1.0 - AFFECTED

References

ExploitDB-44728

https://www.exploit-db.com/exploits/44728

exploit
Official Product Homepage

https://www.wecodex.com/item/view/library-management-system-in-php-and-mysql/1

product
VulnCheck Advisory: Library CMS 1.0 SQL Injection via admin login

https://www.vulncheck.com/advisories/library-cms-sql-injection-via-admin-login

third-party-advisory

GitHub Security Advisories

GHSA-68mg-9jq3-6jrc

Library CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to...

https://github.com/advisories/GHSA-68mg-9jq3-6jrc

Library CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can send POST requests to the admin login endpoint with boolean-based blind SQL injection payloads in the username field to manipulate database queries and gain unauthorized access.

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2018-25204

exploit-db.com

https://www.exploit-db.com/exploits/44728

vulncheck.com

https://www.vulncheck.com/advisories/library-cms-sql-injection-via-admin-login

wecodex.com

https://www.wecodex.com/item/view/library-management-system-in-php-and-mysql/1

github.com

https://github.com/advisories/GHSA-68mg-9jq3-6jrc

JSON source

https://cveawg.mitre.org/api/cve/CVE-2018-25204
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2018-25204",
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "dateUpdated": "2026-03-26T18:36:14.410Z",
    "dateReserved": "2026-03-26T11:33:10.177Z",
    "datePublished": "2026-03-26T11:39:51.681Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck",
        "dateUpdated": "2026-03-26T11:39:51.681Z"
      },
      "datePublic": "2018-05-23T00:00:00.000Z",
      "title": "Library CMS 1.0 SQL Injection via admin login",
      "descriptions": [
        {
          "lang": "en",
          "value": "Library CMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can send POST requests to the admin login endpoint with boolean-based blind SQL injection payloads in the username field to manipulate database queries and gain unauthorized access."
        }
      ],
      "affected": [
        {
          "vendor": "Wecodex",
          "product": "Library CMS",
          "versions": [
            {
              "version": "1.0",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
              "cweId": "CWE-89",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://www.exploit-db.com/exploits/44728",
          "name": "ExploitDB-44728",
          "tags": [
            "exploit"
          ]
        },
        {
          "url": "https://www.wecodex.com/item/view/library-management-system-in-php-and-mysql/1",
          "name": "Official Product Homepage",
          "tags": [
            "product"
          ]
        },
        {
          "url": "https://www.vulncheck.com/advisories/library-cms-sql-injection-via-admin-login",
          "name": "VulnCheck Advisory: Library CMS 1.0 SQL Injection via admin login",
          "tags": [
            "third-party-advisory"
          ]
        }
      ],
      "metrics": [
        {
          "format": "CVSS"
        },
        {
          "format": "CVSS",
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH"
          }
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Özkan Mustafa Akkuş (AkkuS)",
          "type": "finder"
        }
      ]
    },
    "adp": [
      {
        "providerMetadata": {
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP",
          "dateUpdated": "2026-03-26T18:36:14.410Z"
        },
        "title": "CISA ADP Vulnrichment",
        "metrics": [
          {}
        ]
      }
    ]
  }
}