CVE-2018-25390
HaPe PKH 1.1 is affected by an SQL injection via the desa POST parameter sent to lap-peserta-perdesa-pdf.php. The vulnerability allows unauthenticated attackers to manipulate database queries, using a crafted time-based blind payload to infer and extract sensitive information. The connected docum...