RUET OJ
CVE-2025-12328
LOW
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability was identified in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. Impacted is an unknown function of the file /contestproblem.php. Such manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
SQL injection in RUET OJ via the Name parameter in /contestproblem.php allows authenticated remote attackers to execute arbitrary SQL queries with limited impact on confidentiality and integrity. The vulnerability affects the rolling-release codebase up to commit 18fa45b0a669fa1098a0b8fc629cf6856369d9a5, requires valid login credentials to exploit, and carries a very low CVSS score (2.1) despite publicly available exploit code, indicating minimal real-world risk due to authentication barriers and constrained database access.
Technical ContextAI
RUET OJ is an online judge system built on PHP that processes contest problem submissions. The vulnerability exists in the /contestproblem.php script where user-supplied input from the Name parameter is insufficiently sanitized before being passed to SQL queries, violating CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component-'Injection'). The affected product uses a rolling-release development model with commits tracked via Git; the vulnerability was identified in commit 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. CPE designation (cpe:2.3:a:shawonruet:ruet_oj) indicates this is an application-tier vulnerability rather than system-level.
RemediationAI
Since RUET OJ operates on rolling-release basis with no published patched version identifier, the primary remediation is to pull the latest commits from the main development branch (post-18fa45b0a669fa1098a0b8fc629cf6856369d9a5) and deploy. Immediate workarounds include: (1) apply prepared statements and parameterized queries to the /contestproblem.php Name parameter handling to prevent SQL injection syntax interpretation; (2) implement input validation to reject Name values containing SQL metacharacters (single quotes, double quotes, semicolons, parentheses) or use an allowlist of permitted characters; (3) restrict database user permissions to read-only access where feasible for contest problem queries, limiting the damage if injection occurs; (4) enable database query logging and set up alerts for syntax anomalies in SQL statements against the affected table. No vendor advisory has been published (vendor was contacted but did not respond), so patch confirmation via official channels is unavailable - verify remediation by code review of /contestproblem.php after updating.
More from same product – last 7 days
Authentication bypass in Discuz! X5.0 releases 20260320 through 20260501 allows unauthenticated remote attackers to acce
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a
Unauthenticated PHP Object Injection in the Happyforms WordPress plugin (versions <= 1.26.13) allows remote attackers to
Unauthenticated PHP Object Injection in the Broadcast Live Video WordPress plugin (versions prior to 7.1.3) allows remot
Unauthenticated PHP object injection in the WordPress plugin 'Integration for Keap/Infusionsoft and Contact Form 7, WPFo
Share
External POC / Exploit Code
Leaving vuln.today