LeakyCreds
NewInstant webhook alerts now available — notified within seconds of any credential detection.Learn more →
Home / Vulnerability Intelligence / CVE-2018-25166

CVE-2018-25166 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: March 9, 2026

Meneame English Pligg - SQL Injection

Published: March 6, 2026Updated: March 9, 2026Remote Exploitable

Overview

Meneame English Pligg 5.8 contains an sql injection caused by unsanitized input in the search parameter in index.php, letting unauthenticated attackers execute arbitrary SQL queries and extract sensitive database information, exploit requires crafted GET requests.

Severity & Score

Severity: High
CVSS Score: 8.2
EPSS Score: 6.2%(Probability of exploitation in next 30 days)

Impact

Unauthenticated attackers can execute arbitrary SQL queries to extract sensitive database information.

Mitigation

Update to the latest version of Meneame English Pligg.

References

Social Media Activity(1 post)

Yazoul Alerts
Yazoul Alerts
@Matchbook3469
Mar 8, 2026

🟠 New security advisory: CVE-2018-25166 affects multiple systems. • Impact: Significant security breach potential • Risk: Unauthorized access or data exposure • Mitigation: Apply patches within 24-48 hours Full breakdown: https://www.yazoul.net/advisory/cve/cve-2018-25166 #Cybersecurity #VulnerabilityManagement #CyberSec

View original post

Related Resources

Details

CVE ID
CVE-2018-25166
Severity
High
CVSS Score
8.2
Type
sql_injection
Status
unconfirmed
EPSS
6.2%
Social Posts
1

CWE

  • CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

EPSS Score

6.2%Probability of exploitation in the next 30 days