EUVD-2025-18483Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability classified as critical was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /allocate_room.php. The manipulation of the argument search_box leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
AnalysisAI
Critical SQL injection vulnerability in code-projects Hostel Management System version 1.0, specifically in the /allocate_room.php file's 'search_box' parameter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, and system disruption. The vulnerability has been publicly disclosed with proof-of-concept code available, making it actively exploitable in the wild.
Technical ContextAI
This vulnerability stems from CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, also known as Improperly Neutralized Special Elements in Output). The root cause is insufficient input validation and output encoding in the /allocate_room.php file, where user-supplied input from the 'search_box' parameter is directly concatenated into SQL queries without proper parameterization or escaping. The affected product is code-projects Hostel Management System 1.0, a PHP-based web application (implied by .php file extension) used for managing hostel room allocations. The vulnerability affects the database query processing layer, allowing attackers to break out of intended SQL statement boundaries and inject malicious SQL commands.
RemediationAI
Immediate actions: (1) Disable or restrict access to the /allocate_room.php endpoint until patching is possible, implementing network-level access controls or Web Application Firewall (WAF) rules to block requests containing SQL keywords in the search_box parameter; (2) Implement input validation to reject or sanitize special SQL characters (quotes, semicolons, dashes, parentheses) in the search_box parameter; (3) Switch to parameterized queries (prepared statements) in the vulnerable code to separate SQL logic from data. Long-term: Contact code-projects for availability of patched versions beyond 1.0, or migrate to actively maintained hostel management systems with secure coding practices. If patches are unavailable, implement database-level protections such as stored procedures with restricted permissions, limiting the application user account's SQL capabilities to only necessary operations. Regular security code reviews and static application security testing (SAST) should be implemented.
More from same product – last 7 days
Authentication bypass in Discuz! X5.0 releases 20260320 through 20260501 allows unauthenticated remote attackers to acce
Authenticated remote code execution in Discuz! X5.0 releases 20260320 through 20260501 allows administrators to chain a
Unauthenticated PHP Object Injection in the Happyforms WordPress plugin (versions <= 1.26.13) allows remote attackers to
Unauthenticated PHP Object Injection in the Broadcast Live Video WordPress plugin (versions prior to 7.1.3) allows remot
Unauthenticated PHP object injection in the WordPress plugin 'Integration for Keap/Infusionsoft and Contact Form 7, WPFo
Share
External POC / Exploit Code
Leaving vuln.today