SQL Injection in Harmistechnology Ek Rishta
CVE-2018-25348
Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_deta…
Vulnerability class: SQL Injection
EPSS: 0.001 (25.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.
Affected products
- Harmistechnology Ek Rishta — versions 2.10
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)
Frequently asked questions
- What is CVE-2018-25348?
- CVE-2018-25348 is a high-severity vulnerability in Harmistechnology Ek Rishta, classified under SQL Injection. CVSS score: 8.2/10. Published 2026-05-23.
- How severe is CVE-2018-25348?
- High severity. CVSS v3 base score is 8.2 out of 10.