CVE-2018-25180
Published: 06 March 2026
Summary
CVE-2018-25180 is a high-severity SQL Injection (CWE-89) vulnerability. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 11.9th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2018-25180 is an SQL injection vulnerability (CWE-89) in Maitra 1.7.2, affecting the outmail and inmail modules. Authenticated attackers can inject malicious code through the mailid parameter to execute arbitrary SQL queries. The application also exposes the SQLite database file directly from its directory, enabling download and extraction of sensitive data.
Attackers require low privileges (PR:L) and network access (AV:N) to exploit this with low complexity (AC:L) and no user interaction (UI:N). Exploitation yields high confidentiality impact (C:H) by dumping mail tracking data and credentials, low integrity impact (I:L), and no availability disruption (A:N), resulting in a CVSS 3.1 base score of 7.1. The unchanged scope (S:U) limits lateral movement.
Advisories, including those from VulnCheck, describe the SQL injection via mailid and direct SQLite database download. An exploit is publicly available on Exploit-DB (https://www.exploit-db.com/exploits/45841). No patches or specific mitigations are detailed in the provided references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-21635
Vulnerability details
Maitra 1.7.2 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application directory to extract sensitive mail tracking data and credentials.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in public-facing web app (mail modules) directly enables T1190; exposed SQLite DB file enables credential extraction via T1552.001.
Mitigating Controls (NIST 800-53 r5)
Directly requires validation of the mailid parameter to reject SQL metacharacters and block arbitrary query execution.
Enforces that only authorized, parameterized operations may access mail data, preventing both the injection path and direct SQLite file retrieval.
Restricts authenticated users to the minimum privileges needed for mail functions, limiting the impact of any successful injection or file access.
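An added example, not code from Maitra or from the advisories cited on this page: a Python sketch of the input validation (SI-10) and access enforcement (AC-3) controls described above, plus a deployment check for an SQLite file that sits inside the served directory. The table layout, the owner column, the integer form of mailid and the file paths are assumptions constructed for illustration.

```python
import re
import sqlite3
from pathlib import Path

# Assumption: mailid is a positive integer key (the page does not state its type).
MAILID_RE = re.compile(r"[1-9][0-9]{0,9}")


def parse_mailid(raw):
    """SI-10: accept only a canonical decimal id and reject everything else."""
    if not isinstance(raw, str) or not MAILID_RE.fullmatch(raw):
        raise ValueError("invalid mailid")
    return int(raw)


def fetch_mail(conn, raw_mailid, owner):
    """Bound parameters keep mailid as data; the owner filter is the AC-3 check."""
    mailid = parse_mailid(raw_mailid)
    return conn.execute(
        "SELECT id, subject FROM outmail WHERE id = ? AND owner = ?",
        (mailid, owner),
    ).fetchone()


def db_is_web_reachable(db_path, web_root):
    """True when the SQLite file lives under the directory the web server serves."""
    db, root = Path(db_path).resolve(), Path(web_root).resolve()
    return db == root or root in db.parents


def demo_db():
    """Constructed sample data, not Maitra's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE outmail (id INTEGER PRIMARY KEY, subject TEXT, owner TEXT)"
    )
    conn.executemany(
        "INSERT INTO outmail VALUES (?, ?, ?)",
        [(1, "Invoice", "alice"), (2, "Payroll", "bob")],
    )
    return conn
```

A deployment check would fail the build or alert whenever db_is_web_reachable returns True for the configured database path.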