CVE-2025-0491
Published: 15 January 2025
Description
Adversaries may leverage databases to mine valuable information.
Security Summary
CVE-2025-0491 is a critical SQL injection vulnerability in Fanli2012 native-php-cms version 1.0. The flaw resides in an unknown function within the file /fladmin/cat_dodel.php, where manipulation of the 'id' argument enables SQL injection. Published on 2025-01-15, it is associated with CWE-74 and CWE-89.
A remote attacker with low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. The CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) indicates limited impacts on confidentiality, integrity, and availability, potentially allowing unauthorized data access, modification, or disruption via injected SQL queries.
Advisories point to GitHub issues in the Fanli2012/native-php-cms repository (e.g., #13 and #2770022466) and VulDB entries (ctiid.291936, id.291936, submit.475260). The exploit has been publicly disclosed and may be actively used.
The vulnerability's public exploit availability heightens risks for unpatched instances of this PHP CMS.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in public-facing CMS (/fladmin/cat_dodel.php) enables exploitation of public-facing application (T1190), abuse of server software component (T1505 per advisory), and collection of data from databases via arbitrary SQL queries (T1213.006).