CVE-2019-25675

HIGH

eDirectory All Versions SQL Injection Authentication Bypass

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25675. PoCs published by Efrén Díaz.

AI-analyzed exploit summary

The document describes multiple vulnerabilities in eDirectory software, including SQL injection, administrator login bypass, and file disclosure. It provides specific URLs and payloads for exploitation but lacks functional exploit code.

Description

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server.

Exploits (1)

exploitdb WRITEUP
by Efrén Díaz · text · webapps · php
https://www.exploit-db.com/exploits/46423

Classification
Writeup 90%
Attack Type
SQLi | Auth Bypass | Info Leak
Complexity
Trivial
Reliability
Reliable
Target: eDirectory (all versions)
No auth needed
Prerequisites: access to the target web application
Analyzed by devstral-2 on Apr 07, 2026

References (3)

Core References (3)
Exploit: ExploitDB-46423
https://www.exploit-db.com/exploits/46423
Product: Official Product Homepage
https://www.edirectory.com/
Third-party advisory: VulnCheck Advisory: eDirectory All Versions SQL Injection Authentication Bypass
https://www.vulncheck.com/advisories/edirectory-all-versions-sql-injection-authentication-bypass

Scores

CVSS v3 8.2
EPSS 0.0053
EPSS Percentile 40.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (2)
arcasolutions/edirectory < 1.0
edirectory/eDirectory 1.0
Published Apr 05, 2026
Tracked Since Apr 06, 2026