CVE-2025-6502

| EUVD-2025-18864 HIGH
2025-06-23 [email protected]
7.3
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
Analysis Generated
Mar 15, 2026 - 22:10 vuln.today
EUVD ID Assigned
Mar 15, 2026 - 22:10 euvd
EUVD-2025-18864
PoC Detected
Jun 27, 2025 - 16:56 vuln.today
Public exploit code
CVE Published
Jun 23, 2025 - 04:15 nvd
HIGH 7.3

Tags

PHP SQLi Inventory Management System

Description

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-6502 is a critical SQL injection vulnerability in code-projects Inventory Management System 1.0, specifically in the /php_action/changePassword.php file where the user_id parameter is inadequately sanitized. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with exploit details available, increasing immediate risk of active exploitation.

Technical Context

This vulnerability stems from improper input validation in a PHP-based web application (CPE: cpe:2.3:a:code-projects:inventory_management_system:1.0:*:*:*:*:*:*:*). The root cause is classified under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component), indicating that user-supplied input in the user_id parameter is passed directly to SQL queries without proper parameterization or escaping. The affected file changePassword.php likely constructs SQL statements dynamically using string concatenation rather than prepared statements with parameterized queries, a fundamental PHP security anti-pattern. This is a server-side vulnerability requiring no client-side interaction, making it particularly dangerous in web application contexts.

Affected Products

Inventory Management System (['1.0'])

Remediation

patch: Upgrade to patched version when available from code-projects. Monitor official vendor channels for security updates. immediate_mitigation: Implement Web Application Firewall (WAF) rules to detect and block SQL injection attempts targeting /php_action/changePassword.php, particularly patterns in user_id parameter (union, select, or, drop, etc.). code_level_fix: Refactor changePassword.php to use prepared statements with parameterized queries. Replace string concatenation in SQL queries with bind parameters (mysqli prepared statements or PDO). input_validation: Implement strict input validation: user_id should be validated as numeric (integer only) before any database operation. Use type casting: (int)$_POST['user_id'] or similar strict validation. access_control: If possible, implement rate limiting and IP-based restrictions on /php_action/changePassword.php endpoint to reduce attack surface until patched. monitoring: Enable SQL error logging and monitor for suspicious SQL syntax errors in application logs that may indicate exploitation attempts.

Priority Score

57
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +36
POC: +20

Share

CVE-2025-6502 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy