CVE-2018-25381
Published: 25 May 2026
Summary
CVE-2018-25381 is a high-severity SQL Injection (CWE-89) vulnerability in Joomla Responsive Portfolio (inferred from references). Its CVSS base score is 7.1 (High).
Operationally, ranked at the 20.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-21903
Vulnerability details
Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filter_type_id, filter_pid_id, and filter_search parameters in POST requests to extract…
more
sensitive database information including credentials and server details.
- CWE(s)
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.