CodeAstro Real Estate Management System CVE-2025-14898
LOWSeverity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
AnalysisAI
SQL injection in CodeAstro Real Estate Management System 1.0 allows high-privilege administrators to execute arbitrary SQL queries via the /admin/userbuilderdelete.php endpoint. The vulnerability requires authenticated administrator access (CVSS PR:H) and affects only confidentiality and integrity with low impact. Publicly available exploit code exists, though exploitation is limited by the requirement for valid high-privilege credentials and carries low real-world risk due to EPSS score of 0.05% and the attacker profile (malicious insiders with admin accounts).
Technical ContextAI
The vulnerability is a SQL injection flaw (CWE-74: Improper Neutralization of Special Elements used in an SQL Command) in a PHP-based web application component. The affected file /admin/userbuilderdelete.php fails to properly sanitize or parameterize user input before constructing SQL queries, allowing authenticated administrators to inject arbitrary SQL syntax. The CodeAstro Real Estate Management System 1.0 (CPE: cpe:2.3:a:codeastro:real_estate_management_system:1.0:*:*:*:*:*:*:*) is a PHP application likely using a traditional SQL database backend without prepared statement protections in this specific endpoint. The attack vector is network-based but requires valid administrative credentials to access the protected endpoint.
RemediationAI
Apply vendor security update if available from CodeAstro at https://codeastro.com/ to patch the SQL injection in /admin/userbuilderdelete.php. If no patched version is available or deployment cannot be immediately upgraded, implement parameterized prepared statements in the /admin/userbuilderdelete.php endpoint to eliminate SQL injection, conduct code review of all administrator-facing endpoints for similar SQL injection patterns, restrict administrative console access to specific IP addresses or VPN networks using web application firewall rules, enforce strong administrator credential policies (unique passwords, multi-factor authentication, password rotation), and implement SQL query logging and anomaly detection to alert on suspicious administrator-initiated queries. Monitor VulDB (https://vuldb.com/?ctiid.337423) and the vendor website for security updates.
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Rated critical severity (C
Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows au
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP c
Palo Alto Networks PAN-OS management web interface contains an authentication bypass allowing unauthenticated attackers
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1
NetAlertX (formerly PiAlert) versions 23.01.14 through 24.x before 24.10.12 allow unauthenticated command injection thro
The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all
Share
External POC / Exploit Code
Leaving vuln.today