EUVD-2025-17652
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Tags
Description
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codform parameter in /modules/forms/collectform.asp.
Analysis
Critical unauthenticated SQL injection vulnerability in DM Corporative CMS affecting the /modules/forms/collectform.asp endpoint via the 'codform' parameter, allowing remote attackers to execute arbitrary SQL commands without authentication. This vulnerability enables complete database compromise including data exfiltration, modification, and deletion with a CVSS score of 9.8. The exploitation likelihood depends on patch availability and active threat actor interest, though the network-accessible nature and lack of authentication requirements make this a severe priority for affected organizations.
Technical Context
This vulnerability exists in DM Corporative CMS, a content management system written in Active Server Pages (ASP), specifically within the forms collection module. The root cause is CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), which occurs when user-supplied input from the 'codform' parameter is directly concatenated into SQL queries without proper parameterized query preparation or input sanitization. The affected endpoint /modules/forms/collectform.asp processes form submissions and appears to accept a 'codform' identifier that is used to construct backend database queries. By injecting SQL metacharacters (such as single quotes, UNION clauses, or comment sequences) into the codform parameter, an attacker can modify the query logic to extract sensitive data, insert malicious records, update existing data, or delete database contents entirely. The ASP/classic ASP technology stack is legacy but still deployed in enterprise environments, making this a relevant threat to organizations with legacy web infrastructure.
Affected Products
DM Corporative CMS (specific version ranges unknown from provided data; likely affects multiple versions based on the fundamental nature of the vulnerability). The vulnerable component is located at /modules/forms/collectform.asp, indicating the Forms module is affected. Without access to vendor CPE strings or advisory documentation, the likely CPE format would be: cpe:2.3:a:dm:corporative_cms:*:*:*:*:*:asp:*:*. All installations of DM Corporative CMS with the Forms module enabled and accessible via HTTP/HTTPS are potentially affected unless patched. Organizations should identify all instances of this CMS in their environment, including staging, development, and legacy systems that may no longer be actively maintained.
Remediation
Immediate remediation steps: (1) Contact DM (vendor) for urgent security patch availability and patch timeline; (2) If patches are available, prioritize deployment to production environments within 24 hours, testing in non-production environments first; (3) Implement temporary mitigations if patches are unavailable: disable the /modules/forms/collectform.asp endpoint via web server configuration (IIS URL Rewrite rules or application firewall rules), restrict network access to this endpoint via firewall rules limiting access to trusted internal networks only, implement web application firewall (WAF) rules to detect and block SQL injection patterns in the 'codform' parameter (signature-based detection for SQL metacharacters); (4) Enable comprehensive logging and monitoring of all requests to /modules/forms/collectform.asp and review logs for evidence of exploitation attempts; (5) Conduct database access logging and monitoring to detect suspicious SQL activity; (6) Perform security code review of the collectform.asp source code to identify similar SQL injection vulnerabilities in other parameters or endpoints; (7) After patching, validate remediation by performing SQL injection testing against the endpoint.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today