Insurance Management System
CVE-2025-7905
Severity: LOW (NVD rating; NVD is the only scoring source for this CVE)
CVSS 4.0 vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (CVE.org)
A vulnerability has been found in itsourcecode Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /insertPayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Analysis (AI)
SQL injection in itsourcecode Insurance Management System 1.0 lets an authenticated remote attacker alter the SQL statement built from the recipt_no parameter of /insertPayment.php and run arbitrary queries against the application database, with limited confidentiality, integrity and availability impact (VC:L/VI:L/VA:L). The attack needs valid user credentials (PR:L) but no user interaction, and NVD's CVSS 4.0 score of 2.1 (LOW, with exploit maturity rated proof-of-concept, E:P) contrasts with the "critical" label in the CVE description. Exploit code has been publicly disclosed; no widespread active exploitation has been reported.
Technical Context (AI)
The vulnerable code is the PHP handler at /insertPayment.php in the Insurance Management System web application. The value of the recipt_no request parameter (taken from the POST or GET data) is placed into an SQL statement without input validation, escaping or a prepared statement, so an attacker can close the intended string literal and append SQL of their own. The assigned weakness, CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')), is the general injection class; SQL injection is its child CWE-89. Because the endpoint is reachable by any authenticated user and the attacker controls the statement text, database contents can be read or modified within the privileges of the application's database account.
Remediation (AI)
No vendor-released patch had been identified at the time of analysis. Check https://itsourcecode.com/ for an updated release and upgrade if one exists. Where no upgrade path exists, apply the following compensating controls:
(1) Restrict /insertPayment.php at the WAF or reverse proxy to trusted networks (IP allow-list) or to the roles that legitimately record payments. The flaw is already reachable only by authenticated users (PR:L), so requiring login alone is not a mitigation. Trade-off: reduced access for remote users.
(2) Fix the code: validate recipt_no against its expected format (a numeric value, cast or pattern-matched before use) and pass it to the database through a prepared statement with bound parameters (mysqli or PDO) rather than string concatenation; apply the same pattern to every other query in the application.
(3) Run the application under a database account that holds only the privileges it needs (for example SELECT and INSERT on the payment tables, no UPDATE or DELETE on unrelated tables, no file-system or administrative privileges), so that an injected statement cannot exceed those bounds. Trade-off: added deployment complexity.
(4) Enable query logging and alert on anomalies such as quote characters, comment sequences or SQL keywords in recipt_no, or payment inserts that contain subqueries.
Consider retiring this legacy application in favour of actively maintained insurance management software if security patching remains unavailable.
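The injection mechanics described under Technical Context and the code-level fix in remediation item (2), as an added example that is not code from itsourcecode or from this page: a minimal model of an insertPayment-style handler run three ways against an in-memory SQLite database. The table and column names, the stored admin hash and the attacker's recipt_no value are constructed assumptions; the real application is PHP and its actual source and schema are not reproduced here, but the same fix there is a mysqli or PDO prepared statement with bound parameters.

```python
import re
import sqlite3

# Constructed stand-in schema (assumption: the real itsourcecode schema is not
# reproduced here). The users table holds something worth stealing.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
INSERT INTO users (username, password_hash) VALUES ('admin', 'constructed-admin-hash');
CREATE TABLE payments (id INTEGER PRIMARY KEY, recipt_no TEXT, amount REAL);
"""

# Constructed attacker value for recipt_no. It closes the string literal,
# supplies a scalar subquery as the second column, and comments out the rest of
# the original statement. No stacked query is needed: a plain INSERT is enough
# to copy data the attacker should not see into a row the attacker can read back.
INJECTION = "1', (SELECT password_hash FROM users WHERE username='admin')) -- "


def fresh_db():
    """Return a new in-memory database populated with the constructed schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def insert_payment_vulnerable(conn, recipt_no, amount):
    """The bug class behind CVE-2025-7905: request values spliced into SQL text.

    Returns the SQL that was executed so the rewritten statement can be inspected.
    """
    sql = ("INSERT INTO payments (recipt_no, amount) VALUES ('"
           + recipt_no + "', '" + amount + "')")
    conn.execute(sql)  # one statement, as with mysqli_query(): no stacking needed
    conn.commit()
    return sql


def insert_payment_parameterized(conn, recipt_no, amount):
    """Parameterized query only: the driver sends values separately from the SQL
    text, so the statement structure cannot change whatever the input contains."""
    conn.execute("INSERT INTO payments (recipt_no, amount) VALUES (?, ?)",
                 (recipt_no, amount))
    conn.commit()


def insert_payment_fixed(conn, recipt_no, amount):
    """Remediation item (2): allow-list validation of the expected format, then a
    parameterized query. The prepared statement is the actual fix; validation is
    defence in depth and keeps malformed data out of the table."""
    if not re.fullmatch(r"[0-9]{1,20}", recipt_no):
        raise ValueError("recipt_no must be 1-20 digits")
    if not re.fullmatch(r"[0-9]{1,10}(\.[0-9]{1,2})?", amount):
        raise ValueError("amount must be a decimal number")
    insert_payment_parameterized(conn, recipt_no, amount)


def read_payments(conn):
    """Rows as (recipt_no, amount), in insertion order."""
    return conn.execute(
        "SELECT recipt_no, amount FROM payments ORDER BY id").fetchall()


def demo():
    """Run the three handlers against the constructed payload and return what
    each one stored (or why it refused)."""
    results = {}
    conn = fresh_db()
    results["vulnerable_sql"] = insert_payment_vulnerable(conn, INJECTION, "0")
    results["vulnerable"] = read_payments(conn)      # admin hash lands in amount
    conn = fresh_db()
    insert_payment_parameterized(conn, INJECTION, "0")
    results["parameterized"] = read_payments(conn)   # payload stored as a literal
    conn = fresh_db()
    try:
        insert_payment_fixed(conn, INJECTION, "0")
        results["fixed"] = read_payments(conn)
    except ValueError as exc:
        results["fixed"] = str(exc)                  # rejected before any query
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The vulnerable handler turns a payment insert into a read of the users table, which is why an INSERT-only endpoint still carries a confidentiality impact and why escaping helpers are not a substitute for bound parameters: the parameterized handler stores the whole payload as an inert string, and the validated handler never reaches the database at all.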