Description
eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server.
Published: 2026-04-05
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass and Arbitrary File Disclosure
Action: Patch Now
AI Analysis

Impact

eDirectory's login interface contains multiple SQL injection flaws in its handling of the key parameter submitted during authentication. The injection is union-based: the attacker appends a SELECT whose result is treated by the application as a matching administrator record, so the credential check passes without a valid password and the attacker obtains administrative privileges. Once authenticated, the attacker can use the existing file disclosure weaknesses in language_file.php to read arbitrary PHP files from the server, exposing application source and configuration data.
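How a union-based injection in a login lookup becomes an authentication bypass, and the bound-parameter form that closes it, as an added example in Python against a constructed SQLite schema. This is illustrative code, not eDirectory's own: the table and column names, the lookup by a key value, the hashing scheme and the payload are all assumptions. It also shows why hashing the stored password does not help against this class of bypass: the injected row carries the hash of a password the attacker chose.

```python
import hashlib
import sqlite3


def sha256_hex(text):
    return hashlib.sha256(text.encode()).hexdigest()


def make_db():
    """Constructed in-memory stand-in for an admin table (assumed schema,
    not the product's)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE admins (username TEXT, password_hash TEXT)")
    db.execute("INSERT INTO admins VALUES (?, ?)",
               ("admin", sha256_hex("correct-horse")))
    return db


def login_vulnerable(db, key, password):
    """Looks the account up by a 'key' value spliced straight into the SQL
    text, then compares the stored hash in application code.  Returns the
    username on success, None otherwise."""
    sql = ("SELECT username, password_hash FROM admins "
           "WHERE username = '" + key + "'")
    row = db.execute(sql).fetchone()
    if row is not None and row[1] == sha256_hex(password):
        return row[0]
    return None


def login_fixed(db, key, password):
    """Same lookup with a bound parameter: the key is passed as data, so a
    UNION inside it is merely a username that does not exist."""
    sql = "SELECT username, password_hash FROM admins WHERE username = ?"
    row = db.execute(sql, (key,)).fetchone()
    if row is not None and row[1] == sha256_hex(password):
        return row[0]
    return None


def union_payload(attacker_password):
    """Union-based bypass value for the key field.  The appended SELECT adds a
    row whose username is 'admin' and whose hash is the hash of a password the
    attacker chose, so the application-side comparison succeeds.  The trailing
    -- comments out the closing quote the original query would have added."""
    return ("nobody' UNION SELECT 'admin','"
            + sha256_hex(attacker_password) + "'--")


if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, union_payload("x"), "x"))  # admin
    print(login_fixed(db, union_payload("x"), "x"))       # None
```

The lookup is deliberately split from the password comparison, which is the shape in which union-based bypasses work: the attacker does not need to know any stored credential, only to control the row the comparison is made against. Binding the parameter is the fix; escaping or filtering the key value is not.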

Affected Systems

The record lists all versions of eDirectory by Arcasolutions as affected (CPE cpe:2.3:a:arcasolutions:edirectory:*:*:*:*:*:*:*:* with a wildcard version). No fixed version, edition or patch level is identified.

Risk and Exploitability

The vulnerability carries a CVSS v4.0 base score of 8.8 (High; vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N) and a CVSS v3.1 score of 8.2. The EPSS probability is below 1%, and the issue is not listed in the CISA KEV catalog; the SSVC assessment nevertheless records a public proof of concept and rates the flaw as automatable. Attackers can exploit it over the network by sending an unauthenticated HTTP request to the login endpoint with the injection payload in the key parameter, bypassing authentication to obtain full administrative rights. With those rights they can read arbitrary PHP files on the server: a High confidentiality impact with Low integrity impact, and the disclosed source or configuration may enable further exploitation.

Generated by OpenCVE AI on April 6, 2026 at 01:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • No fixed release is identified at publication. Apply the vendor patch or upgrade as soon as one is published, and track the vendor's advisory until then.
  • Restrict network access to the administrative login endpoint (firewall rules, VPN, IP allow-listing) so that it is not reachable from the open internet.
  • Constrain the paths language_file.php is permitted to serve to the language directory (or remove the endpoint if it is unused), keep the web server from serving application source directly, and disable directory listings.
  • Monitor web application logs for login requests whose parameters contain SQL keywords or comment sequences, and for requests to language_file.php that reference .php files or contain path traversal, especially from the same source in succession.
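The monitoring item above as detection logic in Python over constructed combined-format access-log lines, added here as an example and not part of the OpenCVE page or the product. The login path /login.php, the lang parameter name on language_file.php and the log lines are assumptions; the advisory names only "the login endpoint" and "the key parameter", so the detector inspects every query value on those paths rather than a single parameter, and it also correlates the two stages per source address.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumed login path; the advisory names only "the login endpoint".
LOGIN_PATHS = ("/login.php",)
DISCLOSURE_SCRIPT = "language_file.php"

# Combined-format access log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: \S+)?" (?P<status>\d{3})'
)
# Union-based injection markers, or a quote immediately followed by a comment opener.
SQLI_RE = re.compile(r"union\s+(?:all\s+)?select|'\s*(?:--|#|/\*)", re.I)
# Values that try to pull PHP source or walk out of the language directory.
FILE_RE = re.compile(r"\.\./|\.php\b", re.I)

# Constructed traffic, not a real capture.  Line 2 carries
# key=x' UNION SELECT 'admin','h'-- - once percent-decoded.
SAMPLE_LOG = """\
203.0.113.5 - - [05/Apr/2026:21:20:01 +0000] "GET /login.php?key=admin HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [05/Apr/2026:21:20:07 +0000] "GET /login.php?key=x%27%20UNION%20SELECT%20%27admin%27%2C%27h%27--%20- HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [05/Apr/2026:21:20:15 +0000] "GET /language_file.php?lang=../../conf/config.php HTTP/1.1" 200 9831 "-" "Mozilla/5.0"
198.51.100.7 - - [05/Apr/2026:21:21:30 +0000] "GET /language_file.php?lang=en HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""


def parse_line(line):
    m = LOG_RE.match(line)
    if m is None:
        return None
    url = urlsplit(m["target"])
    return {
        "ip": m["ip"], "ts": m["ts"], "method": m["method"],
        "path": url.path, "status": int(m["status"]),
        # parse_qs percent-decodes the values, so the regexes see the real payload.
        "params": parse_qs(url.query, keep_blank_values=True),
    }


def detect(line):
    """Return an alert dict for a suspicious request, or None."""
    rec = parse_line(line)
    if rec is None:
        return None
    path = rec["path"].lower()
    if path.endswith(LOGIN_PATHS):
        rule, pattern = "sqli_in_login_param", SQLI_RE
    elif path.endswith(DISCLOSURE_SCRIPT):
        rule, pattern = "file_disclosure_probe", FILE_RE
    else:
        return None
    for name, values in rec["params"].items():
        for v in values:
            if pattern.search(v):
                return {"rule": rule, "param": name, "value": v,
                        "ip": rec["ip"], "ts": rec["ts"]}
    return None


def scan(log_text):
    return [a for a in map(detect, log_text.splitlines()) if a is not None]


def chained_sources(alerts):
    """Source IPs that tripped the login-injection rule and later the
    file-disclosure rule, i.e. the two-stage sequence the advisory describes."""
    seen, chained = {}, []
    for a in alerts:
        rules = seen.setdefault(a["ip"], set())
        if (a["rule"] == "file_disclosure_probe"
                and "sqli_in_login_param" in rules
                and a["ip"] not in chained):
            chained.append(a["ip"])
        rules.add(a["rule"])
    return chained


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for alert in found:
        print(alert)
    print("chained:", chained_sources(found))
```

One caveat a practitioner should keep in mind: if the login form submits the key value in a POST body, a standard access log will not contain it at all, and this check has to run over a WAF, reverse-proxy or application log that records request bodies. A login request answered with a redirect straight after an injection-looking value from the same address is worth treating as a confirmed bypass rather than a probe.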

Generated by OpenCVE AI on April 6, 2026 at 01:22 UTC.


Advisories

No advisories yet.

History

Mon, 20 Apr 2026 18:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Arcasolutions
                                      Arcasolutions edirectory
CPEs                                  cpe:2.3:a:arcasolutions:edirectory:*:*:*:*:*:*:*:*
Vendors & Products                    Arcasolutions
                                      Arcasolutions edirectory

Tue, 07 Apr 2026 00:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Edirectory
                                      Edirectory edirectory
Vendors & Products                    Edirectory
                                      Edirectory edirectory

Mon, 06 Apr 2026 20:00:00 +0000

Type                 Values Removed   Values Added
Metrics                               ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 05 Apr 2026 22:00:00 +0000

Type                 Values Removed   Values Added
Description                           eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server.
Title                                 eDirectory All Versions SQL Injection Authentication Bypass
Weaknesses                            CWE-89
References
Metrics                               cvssV3_1: {'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}
                                      cvssV4_0: {'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-06T18:02:52.934Z

Reserved: 2026-04-05T13:27:22.182Z

Link: CVE-2019-25675

Vulnrichment

Updated: 2026-04-06T17:58:39.246Z

NVD

Status : Analyzed

Published: 2026-04-05T21:16:45.453

Modified: 2026-04-20T17:56:10.560

Link: CVE-2019-25675

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-06T21:48:12Z

Weaknesses