HIGH
Ourenergy
CVE published 2026-05-25
CVE-2018-25379
CVE-2018-25379 documents a boolean-based blind SQL injection vulnerability in Collectric CMU 1.0, specifically within the `lang` parameter of the authentication interface. The vulnerability permits unauthenticated remote attackers to manipulate database queries during login, enabling extraction of sensitive information via time-based blind injection techniques. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI: [truncated]