CVE-2018-25428

HIGH

Paroiciel 11.20 - Unauthenticated SQL Injection via tRecIdListe Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25428. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary The exploit demonstrates SQL injection vulnerabilities in Paroiciel 11.20 via three distinct endpoints (`trec.php`, `zpro.php`, and `egeq.php`). The payloads use UNION-based SQLi to extract database information, including table and column names, leveraging MySQL-specific functions and techniques.

Description

Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Attackers can send GET requests to the trec.php endpoint with crafted SQL payloads to extract database information including table and column names.

Exploits (1)

exploitdb WORKING POC
by Ihsan Sencan · textwebappsphp
https://www.exploit-db.com/exploits/45810

The exploit demonstrates SQL injection vulnerabilities in Paroiciel 11.20 via three distinct endpoints (`trec.php`, `zpro.php`, and `egeq.php`). The payloads use UNION-based SQLi to extract database information, including table and column names, leveraging MySQL-specific functions and techniques.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Paroiciel 11.20
Auth required
Prerequisites: valid session cookies (paroi6l_auth, PHPSESSID) · access to the target web application
devstral-2 · analyzed Jun 02, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 8.2
EPSS 0.0034
EPSS Percentile 25.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
Paroiciel/Paroiciel 11.20
Published Jun 01, 2026
Tracked Since Jun 02, 2026