CVE-2018-18798

9.8 CRITICAL

📋 TL;DR

CVE-2018-18798 is a critical SQL injection vulnerability in Attendance Monitoring System 1.0 that allows attackers to execute arbitrary SQL commands via the 'id' parameter in multiple endpoints. This affects all organizations using this specific version of the attendance monitoring software. Attackers can potentially access, modify, or delete sensitive database information.

💻 Affected Systems

Products:
  • School Attendance Monitoring System
Versions: 1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerable in default installation. Affects student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view endpoints.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, data destruction, or full system takeover via SQL injection to RCE escalation.

🟠 Likely Case

Unauthorized access to sensitive student, event, and user data including personal information and credentials.

🟢 If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit scripts available. Simple SQL injection requiring no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter

all

Add parameter validation to filter 'id' parameter to only accept numeric values

Modify PHP files to add: if(!is_numeric($_GET['id'])) { die('Invalid input'); }
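The following is an added example and not code from the Attendance Monitoring System itself. It shows the workaround above in a stricter form (FILTER_VALIDATE_INT instead of is_numeric, which also accepts values such as "1e3" or " 1") together with the durable fix, a prepared statement, so the 'id' value never becomes part of the SQL text. The table names, column name, database name and connection credentials are assumptions for illustration; the application's real schema is not on this page.

```php
<?php
// Added example (not the project's own code): a hardened version of the
// 'id' lookup pattern behind student/, event/ and user/index.php?view=view.
// Table names, the 'id' column and the PDO connection details are assumed.

declare(strict_types=1);

/**
 * Strictly validate the 'id' query parameter.
 * is_numeric() (the advisory's quick workaround) also accepts floats,
 * exponents and leading whitespace; FILTER_VALIDATE_INT accepts only a plain
 * integer, which is all a primary-key lookup needs.
 */
function validateId(string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/**
 * Fetch one row by id with a prepared statement. The user-supplied value is
 * bound as a parameter, so quotes or SQL keywords in it cannot alter the
 * query. The insecure pattern this replaces concatenates $_GET['id'] straight
 * into the SQL string (e.g. "... WHERE id='" . $_GET['id'] . "'").
 */
function fetchById(PDO $pdo, string $table, int $id): ?array
{
    // Identifiers cannot be bound as parameters, so allow only a fixed set.
    $allowed = ['students', 'events', 'users']; // assumed table names
    if (!in_array($table, $allowed, true)) {
        throw new InvalidArgumentException('unknown table');
    }
    $stmt = $pdo->prepare("SELECT * FROM {$table} WHERE id = :id");
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Request handling as it would sit at the top of an index.php?view=view page.
$id = validateId((string) ($_GET['id'] ?? ''));
if ($id === null) {
    http_response_code(400);
    // Log the rejection (length-capped) so "failed parameter validation"
    // attempts show up in application logs for detection.
    error_log('rejected non-integer id parameter: ' . substr((string) ($_GET['id'] ?? ''), 0, 80));
    exit('Invalid input');
}

// Connection details are placeholders.
$pdo = new PDO('mysql:host=localhost;dbname=attendance', 'app_user', 'placeholder', [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES   => false, // use real server-side prepares
]);
$row = fetchById($pdo, 'students', $id);
```

Keep both layers: the integer check gives a clean 400 and a log line for monitoring, while the prepared statement removes the injection even if a future code path forgets the check. Pair this with a database account for the application that has only the privileges the pages need, as the "If Mitigated" case above assumes.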

Web Application Firewall

all

Deploy WAF with SQL injection protection rules

🧯 If You Can't Patch

  • Isolate the system behind a firewall with strict access controls
  • Implement network segmentation to limit database access from the application server

🔍 How to Verify

Check if Vulnerable:

Test endpoints with SQL injection payloads like: student/index.php?view=view&id=1' OR '1'='1

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Test with same payloads and verify proper error handling or rejection

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed parameter validation attempts

Network Indicators:

  • HTTP requests with SQL keywords in 'id' parameter
  • Unusual database query patterns

SIEM Query:

web.url:*index.php?view=view* AND (web.param.id:*OR* OR web.param.id:*UNION* OR web.param.id:*SELECT*)
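As an added example, not part of the advisory, the script below applies the same logic as the SIEM query to web-server access logs offline: it picks out requests to an index.php?view=view endpoint and flags an 'id' that contains OR, UNION or SELECT, or that is simply not an integer (the "failed parameter validation" indicator). It requires PHP 8 or later; the log lines at the bottom are constructed samples in combined-log format using documentation IP addresses, not real traffic.

```php
<?php
// Added example, not part of the advisory: offline application of the SIEM
// query above to access-log lines. Requires PHP 8+ (str_contains).
// The sample log lines are constructed for illustration.

declare(strict_types=1);

const SQL_KEYWORDS = ['OR', 'UNION', 'SELECT'];

/** Decode the query string of a request path into an array of parameters. */
function queryParams(string $path): array
{
    $query = parse_url($path, PHP_URL_QUERY);
    if (!is_string($query)) {
        return [];
    }
    parse_str($query, $params); // also percent-decodes the values
    return $params;
}

/**
 * Classify one request path.
 *   'ok'             - not a view=view endpoint, or a plain integer id
 *   'sql-keyword'    - id contains one of the keywords the SIEM query matches
 *   'non-integer-id' - id is not an integer (failed parameter validation)
 */
function classify(string $path): string
{
    if (!str_contains($path, 'index.php')) {
        return 'ok';
    }
    $params = queryParams($path);
    if (($params['view'] ?? '') !== 'view' || !isset($params['id'])) {
        return 'ok';
    }
    $id = $params['id'];
    if (!is_string($id)) {
        return 'non-integer-id'; // id[]=... style input is never a valid key
    }
    if (filter_var($id, FILTER_VALIDATE_INT) !== false) {
        return 'ok';
    }
    foreach (SQL_KEYWORDS as $keyword) {
        if (preg_match('/\b' . $keyword . '\b/i', $id) === 1) {
            return 'sql-keyword';
        }
    }
    return 'non-integer-id';
}

/** Scan access-log lines; return flagged requests with client IP and verdict. */
function scanLog(array $lines): array
{
    $hits = [];
    foreach ($lines as $line) {
        if (preg_match('/^(\S+) .*"(?:GET|POST) (\S+) HTTP\/[\d.]+"/', $line, $m) !== 1) {
            continue; // not a request line we understand
        }
        $verdict = classify($m[2]);
        if ($verdict !== 'ok') {
            $hits[] = ['ip' => $m[1], 'verdict' => $verdict, 'path' => $m[2]];
        }
    }
    return $hits;
}

// Constructed sample lines (RFC 5737 documentation IPs, placeholder timestamps).
$sample = [
    '203.0.113.5 - - [01/Jan/2019:10:00:01 +0000] "GET /student/index.php?view=view&id=42 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2019:10:00:02 +0000] "GET /student/index.php?view=view&id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 2048',
    '203.0.113.9 - - [01/Jan/2019:10:00:03 +0000] "GET /event/index.php?view=view&id=abc HTTP/1.1" 500 128',
    '203.0.113.5 - - [01/Jan/2019:10:00:04 +0000] "GET /user/index.php?view=list HTTP/1.1" 200 900',
];

foreach (scanLog($sample) as $hit) {
    printf("%-12s %-15s %s\n", $hit['ip'], $hit['verdict'], $hit['path']);
}
```

On the sample input the second line is reported as sql-keyword and the third as non-integer-id; the first and fourth are normal. Percent-decoding before matching matters: the SIEM query's wildcards run against whatever field the collector stores, so confirm whether web.param.id holds the decoded value, otherwise an encoded payload slips past a pattern written for the plain keyword. Grouping hits by client IP, as this script's output allows, is a practical way to separate a scanner from a single mistyped request.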
