CVE-2018-25386

HIGH

HaPe PKH 1.1 SQL Injection via id Parameter in admin/media.php

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25386. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary The exploit demonstrates SQL injection vulnerabilities in HaPe PKH 1.1 via multiple endpoints, using URL-encoded payloads to manipulate database queries. It includes specific HTTP requests targeting different parameters (e.g., 'id', 'nama_kelompok', 'desa') with crafted SQLi payloads.

Description

HaPe PKH 1.1 contains multiple SQL injection vulnerabilities in admin/media.php that allow attackers to manipulate database queries by injecting SQL code through the 'id' parameter. An unauthenticated attacker can exploit the desa module (module=desa&act=hapus), while authenticated users can exploit the pengurus, fasilitas, and kelompok modules (for example act=print, act=editpengurus, act=editfasilitas, and act=editkelompok). Successful exploitation allows extraction of sensitive database information including the current user, database name, and DBMS version.

Exploits (1)

exploitdb WORKING POC

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/45588

View Code ZIP pw:eip

The exploit demonstrates SQL injection vulnerabilities in HaPe PKH 1.1 via multiple endpoints, using URL-encoded payloads to manipulate database queries. It includes specific HTTP requests targeting different parameters (e.g., 'id', 'nama_kelompok', 'desa') with crafted SQLi payloads.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: HaPe PKH 1.1

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed May 29, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-45588

https://www.exploit-db.com/exploits/45588

Product product

Official Product Homepage

http://www.sitejo.id

Product product

Product Reference

https://sourceforge.net/projects/hape-pkh/files/latest/download

Third Party Advisory third-party-advisory

VulnCheck Advisory: HaPe PKH 1.1 SQL Injection via id Parameter in admin/media.php

https://www.vulncheck.com/advisories/hape-pkh-sql-injection-via-id-parameter-in-admin-media-php

Scores

CVSS v3 8.2

EPSS 0.0033

EPSS Percentile 25.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-89

Status published

Products (1)

Sitejo/HaPe PKH 1.1

Published May 29, 2026

Tracked Since May 29, 2026