CVE-2019-25675

HIGH

eDirectory All Versions SQL Injection Authentication Bypass

Title source: cna

Description

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server.

Exploits (1)

exploitdb WRITEUP
by Efrén Díaz · text, webapps, php
https://www.exploit-db.com/exploits/46423

References (3)

Core References (3)

Exploit
ExploitDB-46423
https://www.exploit-db.com/exploits/46423

Product
Official Product Homepage
https://www.edirectory.com/

Third Party Advisory
VulnCheck Advisory: eDirectory All Versions SQL Injection Authentication Bypass
https://www.vulncheck.com/advisories/edirectory-all-versions-sql-injection-authentication-bypass

Scores

CVSS v3 8.2
EPSS 0.0013
EPSS Percentile 31.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (2)
arcasolutions/edirectory < 1.0
edirectory/eDirectory 1.0
Published Apr 05, 2026
Tracked Since Apr 06, 2026