CodeAstro Real Estate Management System CVE-2025-14899
LOWSeverity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
AnalysisAI
SQL injection in CodeAstro Real Estate Management System 1.0 allows high-privilege administrators to inject malicious SQL via the /admin/stateadd.php endpoint, potentially compromising database integrity and confidentiality. The vulnerability requires administrative privileges to exploit and has a low CVSS score (2.0) due to restricted scope and limited impact, but publicly available exploit code exists. Real-world risk is minimal given the high privilege barrier (PR:H), though organizations running this system should prioritize patching to prevent insider threats.
Technical ContextAI
The vulnerability exists in the /admin/stateadd.php component, which is part of the Administrator Endpoint functionality in CodeAstro's PHP-based real estate management platform. The root cause is classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component), indicating that user-supplied input is not properly sanitized before being passed to SQL queries. The attack vector is network-accessible (AV:N), meaning an attacker with admin credentials can remotely submit malicious SQL payloads through the HTTP interface. The affected product is identified by CPE a:codeastro:real_estate_management_system:1.0, limiting exposure to version 1.0 specifically.
RemediationAI
Upgrade CodeAstro Real Estate Management System to a patched version provided by the vendor; consult the official CodeAstro website (https://codeastro.com/) for available updates, as no specific patched version is documented in the CVE references. If no patch is available from the vendor, implement compensating controls: enforce parameterized queries or prepared statements in /admin/stateadd.php by code review or Web Application Firewall (WAF) rules to block SQL metacharacters in the affected endpoint; restrict administrative console access to a whitelist of internal IP addresses only, reducing the network attack surface; implement database-level least privilege by creating a dedicated admin database account with INSERT/UPDATE permissions only on the intended 'state' table, preventing attackers from dropping tables or accessing unrelated data. Each control reduces exploitability but does not eliminate the underlying flaw: IP whitelisting increases operational overhead and may hinder legitimate remote admin access; WAF rules may produce false positives; database privilege separation does not prevent data theft within authorized tables.
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Rated critical severity (C
Roundcube Webmail contains a critical PHP object deserialization vulnerability (CVE-2025-49113, CVSS 9.9) that allows au
Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP c
Palo Alto Networks PAN-OS management web interface contains an authentication bypass allowing unauthenticated attackers
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
Nagios XI version xi-5.7.5 is affected by OS command injection. Rated high severity (CVSS 8.8), this vulnerability is re
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows
The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1
NetAlertX (formerly PiAlert) versions 23.01.14 through 24.x before 24.10.12 allow unauthenticated command injection thro
The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all
Share
External POC / Exploit Code
Leaving vuln.today