CVE-2018-25351 harmistechnology CVE debrief

Who should care

Organizations running Joomla! installations with the EkRishta 2.10 component, particularly those handling sensitive user data or operating dating/matrimonial platforms. Security teams responsible for legacy Joomla! maintenance and web application security monitoring.

Technical summary

The EkRishta 2.10 component for Joomla! fails to properly sanitize user input in the username field of its login endpoint. An unauthenticated attacker can submit a POST request containing SQL injection payloads in the username parameter. The error-based nature of the vulnerability allows attackers to extract database schema information, user credentials, and system configuration through differential error responses. The attack requires no authentication, no user interaction, and can be executed remotely with low complexity.

Defensive priority

HIGH

Recommended defensive actions

• Remove or disable the EkRishta 2.10 component if no patch is available
• Implement Web Application Firewall (WAF) rules to detect and block SQL injection payloads in authentication endpoints
• Apply input validation and parameterized queries if maintaining custom code
• Monitor authentication logs for anomalous username patterns indicative of SQL injection attempts
• Review database access logs for unauthorized query execution during the exposure window

Evidence notes

CVE published 2026-05-23; modified 2026-05-26. NVD status: Deferred. CVSS 4.0 vector indicates network attack vector with low attack complexity, no privileges required, and high confidentiality impact. Weakness classified as CWE-89 (SQL Injection). Vendor attribution marked low confidence with review flag based on reference domain candidate evidence.

Official resources