Login Sign Up

CVE-2018-18800

9.8 CRITICAL
SQL Injection

📋 TL;DR

CVE-2018-18800 is a critical SQL injection vulnerability in Tubigan 'Welcome to our Resort' 1.0 software that allows attackers to execute arbitrary SQL commands through multiple endpoints. This affects any organization using this specific resort management software version 1.0. Successful exploitation could lead to complete database compromise.

💻 Affected Systems

Products:
  • Tubigan 'Welcome to our Resort'
Versions: 1.0
Operating Systems: Any OS running PHP/MySQL
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerable in default installation. Requires PHP/MySQL environment.

📦 What is this software?

Welcome To Our Resort by Tubigan

View all CVEs affecting Welcome To Our Resort →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database takeover, data exfiltration, authentication bypass, and potential remote code execution if database permissions allow.

🟠

Likely Case

Database information disclosure, credential theft, and potential privilege escalation to administrative access.

🟢

If Mitigated

Limited impact with proper input validation and parameterized queries in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple public exploit scripts available. No authentication required for exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing custom fixes.

🔧 Temporary Workarounds

Input Validation Filter

all

Add input validation to filter SQL injection attempts

Modify index.php and admin/login.php to sanitize 'q' parameter input

WAF Rule Implementation

all

Deploy web application firewall rules to block SQL injection patterns

Add WAF rules to detect and block SQL injection patterns in URL parameters

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with strict input validation
  • Implement network segmentation to limit database access from the application server

🔍 How to Verify

Check if Vulnerable:

Test endpoints with SQL injection payloads: index.php?p=accomodation&q=' OR '1'='1

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Test with same payloads after implementing fixes - should return error or no data

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in logs
  • Multiple failed login attempts from single IP
  • Long or unusual query parameters

Network Indicators:

  • SQL keywords in URL parameters
  • Unusual database connection patterns
  • High volume of requests to vulnerable endpoints

SIEM Query:

source="web_logs" AND (url="*index.php?p=accomodation*" OR url="*index.php?p=rooms*" OR url="*admin/login.php*") AND (url="*q=*'*" OR url="*q=*SELECT*" OR url="*q=*UNION*")

📊 Metadata

CVE ID: CVE-2018-18800
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-89
Published: May 14, 2019
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2018-18800, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)