CVE-2025-0347
Published: 09 January 2025
Description
Adversaries may leverage databases to mine valuable information.
Security Summary
CVE-2025-0347 is a critical SQL injection vulnerability (CWE-74, CWE-89) in code-projects Admission Management System 1.0. The flaw affects unknown code in the index.php file of the Login component, where manipulation of the u_id argument enables SQL code injection. Published on 2025-01-09, it carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
Remote attackers need no privileges and no user interaction to exploit this vulnerability. By injecting SQL through the u_id parameter, they can cause low-level impacts on confidentiality, integrity, and availability, such as limited data exposure, modification, or disruption.
Advisories and further details are documented on VulDB (https://vuldb.com/?id.290860, https://vuldb.com/?ctiid.290860, https://vuldb.com/?submit.476898), a GitHub issue (https://github.com/Curious-L/-/issues/3), and the project site (https://code-projects.org/).
The exploit has been publicly disclosed and may be used by attackers.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The SQL injection vulnerability in the unauthenticated, public-facing web login (the u_id parameter of index.php) enables remote exploitation for initial access (T1190), credential access via database dumps (T1212), and collection from databases (T1213.006).