PatchSiren

PatchSiren cyber security CVE debrief

CVE-2018-25425 Yot CVE debrief

CVE-2018-25425 documents an unauthenticated SQL injection vulnerability in Yot CMS version 3.3.1. The flaw resides in the `aid` and `cid` parameters of `index.php`, where attacker-supplied input is incorporated directly into SQL queries without adequate sanitization. Successful exploitation allows remote, unauthenticated attackers to execute arbitrary SQL statements, potentially enabling extraction of database schema information such as table and column names. The vulnerability is classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command). The CVSS 4.0 vector indicates a network attack vector with low attack complexity, no privileges required and no user interaction, with high confidentiality impact and low integrity impact. The CVE was published to NVD on 2026-05-30 with a status of 'Received'. Vendor attribution is marked low confidence, as it rests only on reference-domain candidate evidence from Exploit-DB, and requires review. No known exploitation in ransomware campaigns has been documented, and the vulnerability is not listed in CISA KEV.

Vendor: Yot
Product: Yot CMS
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-30
Original CVE updated: 2026-05-30
Advisory published: 2026-05-30
Advisory updated: 2026-05-30

Who should care

Organizations running Yot CMS 3.3.1, security teams responsible for web application protection, database administrators, and incident response teams monitoring for SQL injection activity against PHP-based content management systems.

Technical summary

Yot CMS 3.3.1 fails to properly sanitize user-supplied input in the `aid` and `cid` parameters of `index.php`. Remote unauthenticated attackers can inject malicious SQL via crafted GET requests, resulting in arbitrary SQL query execution against the backend database. This enables extraction of database metadata, including table and column names. The vulnerability is network-exploitable with low complexity and requires neither authentication nor user interaction.
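The following is an added example, not Yot CMS source code: it shows the generic CWE-89 pattern the summary describes (raw `aid`/`cid` values concatenated into a query) next to a hardened handler that validates both parameters as integers and binds them through PDO prepared statements. The table and column names, and the in-memory SQLite database used for the demonstration, are assumptions.

```php
<?php
// Added example (not Yot CMS code). Table/column names are assumptions.
declare(strict_types=1);

// --- Vulnerable pattern (illustrative only) ---------------------------------
// Raw GET input is spliced into the SQL text, so the client controls the query.
function vulnerableLookup(PDO $db, array $get): array
{
    $aid = $get['aid'] ?? '';
    $cid = $get['cid'] ?? '';
    $sql = "SELECT title, body FROM articles WHERE aid = $aid AND cid = $cid";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// --- Hardened handler ---------------------------------------------------------
// 1. Validate each parameter against the type it is supposed to have.
// 2. Bind it as a typed placeholder so the database never parses it as SQL.
function requireIntParam(array $get, string $name): int
{
    $raw = $get[$name] ?? null;
    // FILTER_VALIDATE_INT rejects missing values, arrays, "1.5", "1 UNION ...", "1' OR ..." etc.
    $value = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($value === false) {
        throw new InvalidArgumentException("Invalid value for parameter '$name'");
    }
    return $value;
}

function safeLookup(PDO $db, array $get): array
{
    $aid = requireIntParam($get, 'aid');
    $cid = requireIntParam($get, 'cid');
    $stmt = $db->prepare('SELECT title, body FROM articles WHERE aid = :aid AND cid = :cid');
    $stmt->bindValue(':aid', $aid, PDO::PARAM_INT);
    $stmt->bindValue(':cid', $cid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// --- Demonstration with constructed sample data -------------------------------
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// On MySQL you would also set PDO::ATTR_EMULATE_PREPARES to false so the server,
// not the client library, performs the binding.
$db->exec('CREATE TABLE articles (aid INTEGER, cid INTEGER, title TEXT, body TEXT)');
$db->exec("INSERT INTO articles VALUES (1, 2, 'Hello', 'public article')");
$db->exec("INSERT INTO articles VALUES (3, 4, 'Draft', 'should not be listed')");

// Legitimate request: both handlers return the single matching row.
print_r(safeLookup($db, ['aid' => '1', 'cid' => '2']));

// Tampered request: the injected condition rewrites the WHERE clause in the
// vulnerable handler (AND binds tighter than OR, so every row matches)...
$tampered = ['aid' => '1', 'cid' => '2 OR 1=1'];
echo count(vulnerableLookup($db, $tampered)), " rows from vulnerable handler\n"; // 2 rows

// ...while the hardened handler rejects the request before any SQL runs.
try {
    safeLookup($db, $tampered);
} catch (InvalidArgumentException $e) {
    echo 'Hardened handler rejected request: ', $e->getMessage(), "\n";
}
```

Validation and parameter binding are deliberately both present: binding alone stops the injection, but rejecting non-integer input up front also gives the application a clean 400-style failure to log, which is the signal the monitoring recommendation below relies on.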

Defensive priority

HIGH

Recommended defensive actions

  • Apply input validation and parameterized queries to all database interactions, particularly for the `aid` and `cid` parameters in `index.php`
  • Implement prepared statements or stored procedures to eliminate direct SQL concatenation with user input
  • Conduct code review of Yot CMS 3.3.1 database query construction to identify additional injection points
  • Deploy Web Application Firewall (WAF) rules to detect and block SQL injection payloads targeting `aid` and `cid` parameters
  • Restrict database account privileges used by the application to limit impact of successful injection
  • Monitor access logs for anomalous GET requests to `index.php` containing SQL keywords or union-based patterns
  • Upgrade to a patched version of Yot CMS if available, or consider migrating to a maintained content management system
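As an added example for the log-monitoring action above (not PatchSiren or Yot CMS code), the script below triages access-log lines in the common combined format, scopes to requests for `/index.php`, URL-decodes the `aid` and `cid` values, and flags any value that is not an integer or that matches a short list of SQL injection indicators. The log lines are constructed samples, and the field layout, script path and indicator list are assumptions for a typical deployment.

```php
<?php
// Added example: access-log triage for the aid/cid parameters of index.php.
// Log lines below are constructed samples, not real traffic.
declare(strict_types=1);

const WATCHED_SCRIPT = '/index.php';          // assumption: CMS front controller path
const WATCHED_PARAMS = ['aid', 'cid'];

// Indicators typical of SQL injection probing in a parameter that should be an integer.
const SQLI_PATTERNS = [
    '/\bunion\b.*\bselect\b/i',
    '/\b(or|and)\b\s+[\'"]?\w+[\'"]?\s*=\s*[\'"]?\w+/i',
    '/(--|\/\*)/',
    '/\b(sleep|benchmark|information_schema|load_file)\b/i',
    "/['\";]/",
];

// Returns null for a line that looks benign, otherwise a description of why it was flagged.
function triageLogLine(string $line): ?string
{
    // The quoted request field of the combined log format: "METHOD URI PROTOCOL".
    if (!preg_match('/"(GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/', $line, $m)) {
        return null;
    }
    $uri   = $m[2];
    $path  = parse_url($uri, PHP_URL_PATH);
    $query = parse_url($uri, PHP_URL_QUERY);
    if ($path !== WATCHED_SCRIPT || $query === null) {
        return null;
    }
    parse_str($query, $params);   // parse_str also URL-decodes each value
    $reasons = [];
    foreach (WATCHED_PARAMS as $name) {
        if (!isset($params[$name])) {
            continue;
        }
        $value = is_array($params[$name]) ? implode(',', $params[$name]) : (string) $params[$name];
        // Strongest signal: the application expects an integer here and did not get one.
        if (filter_var($value, FILTER_VALIDATE_INT) === false) {
            $reasons[] = "$name is not an integer";
        }
        foreach (SQLI_PATTERNS as $pattern) {
            if (preg_match($pattern, $value)) {
                $reasons[] = "$name matches $pattern";
                break;
            }
        }
    }
    return $reasons ? implode('; ', $reasons) : null;
}

// Constructed sample lines: one benign request, one out-of-scope script, two probes.
$sampleLog = [
    '203.0.113.5 - - [30/May/2026:10:00:01 +0000] "GET /index.php?aid=12&cid=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [30/May/2026:10:00:02 +0000] "GET /about.php?id=1%27 HTTP/1.1" 200 880 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [30/May/2026:10:00:07 +0000] "GET /index.php?aid=12%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 5120 "-" "curl/8.0"',
    '198.51.100.9 - - [30/May/2026:10:00:09 +0000] "GET /index.php?cid=3%20UNION%20SELECT%201,2,3-- HTTP/1.1" 500 310 "-" "curl/8.0"',
];

foreach ($sampleLog as $line) {
    $verdict = triageLogLine($line);
    echo $verdict === null ? 'ok    ' : 'ALERT ';
    echo substr($line, 0, 70), '...', $verdict !== null ? "  [$verdict]" : '', "\n";
}
```

The integer check fires before any pattern matching, so the script still alerts on probes that use encodings or keywords the indicator list does not cover; the patterns only add context to the alert. In production the same function would be run over a log stream (for example via `php script.php < access.log` after swapping the sample array for `STDIN`), ideally keyed by source address so repeated non-integer requests from one client stand out.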

Evidence notes

NVD record lists vulnerability status as 'Received' as of 2026-05-30. CVSS 4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N. Weakness classified as CWE-89. Source references include exploit-db entry 45768, VulnCheck advisory, and SourceForge project page for Yot CMS. Vendor attribution confidence is low with 'needsReview' flag set.

Official resources

Unauthenticated SQL injection in Yot CMS 3.3.1 via `aid` and `cid` parameters in `index.php` GET requests.