PT-2026-23704 · Nominas · Nominas

Published: 2026-03-06 · Updated: 2026-03-06 · CVE-2018-25194

CVSS v3.1: 8.2 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Nominas version 0.27

Description: An SQL injection issue exists in Nominas 0.27 that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can send POST requests to the '/login/checklogin.php' endpoint with crafted UNION-based SQL injection payloads through the username parameter. This allows extraction of database information, including usernames, database names, and version details.

Recommendations: Update to a newer version of Nominas that addresses this vulnerability. As a temporary workaround, restrict access to the '/login/checklogin.php' endpoint. Sanitize the username parameter to prevent SQL injection attacks.
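The following is an added illustration, not Nominas code (the advisory does not show the application's source). It uses a constructed in-memory SQLite user table with a hypothetical schema to contrast the vulnerability class described above, a login check that splices the username into the SQL text, with the fix the recommendation points at: binding the username as a query parameter, plus an allowlist check on the username's shape as defence in depth. The function names, the table layout and the probe input are all assumptions made for the example.

```python
import re
import sqlite3

# Constructed sample user store standing in for the application's database.
# Schema, data and function names are hypothetical; this is not Nominas code.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
INSERT INTO users (username, password) VALUES ('alice', 's3cret');
INSERT INTO users (username, password) VALUES ('bob', 'hunter2');
"""

# Constructed probe input: closes the string literal the username lands in and
# appends a UNION that selects the database version, the data class the
# advisory says can be extracted. Used here only to show the two lookups differ.
PROBE_INPUT = "' UNION SELECT sqlite_version() -- "

# Allowlist for account names; anything outside it is rejected before a query runs.
USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")


def make_db():
    """Create the constructed in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def check_login_unsafe(conn, username, password):
    """Vulnerable pattern: user input is concatenated into the SQL text, so a
    quote in the username changes the statement's structure."""
    query = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchall()


def check_login_safe(conn, username, password):
    """Fixed pattern: the driver binds the values as data; the SQL grammar is
    fixed before any user input is seen."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchall()


def username_is_well_formed(username):
    """Defence in depth: reject names that cannot be legitimate accounts."""
    return USERNAME_RE.fullmatch(username) is not None


def compare():
    """Run both lookups against the same inputs and report what each returns."""
    conn = make_db()
    return {
        "valid_login_safe": check_login_safe(conn, "alice", "s3cret"),
        "probe_unsafe": check_login_unsafe(conn, PROBE_INPUT, ""),
        "probe_safe": check_login_safe(conn, PROBE_INPUT, ""),
        "probe_passes_allowlist": username_is_well_formed(PROBE_INPUT),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```

Running it shows the unsafe lookup returning a row that is not a user at all (the engine's version string), while the parameterised lookup returns nothing for the same input, and the allowlist rejects it before a query is issued. "Sanitizing" in the recommendation is best read as the second and third behaviours together: bind parameters always, validate shape additionally.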

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2018-25194

Affected Products

Nominas