EUVD-2025-17833
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
4Description
A vulnerability classified as critical has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Analysis
Critical SQL injection vulnerability in code-projects School Fees Payment System version 1.0, specifically in the /branch.php file's ID parameter, allowing remote unauthenticated attackers to execute arbitrary SQL commands. The vulnerability has been publicly disclosed with proof-of-concept exploitation available, and while the CVSS score is 7.3 (High), the unauthenticated network-accessible attack vector combined with confirmed public exploit disclosure indicates active exploitation risk. This affects all deployments of the vulnerable version without patches applied.
Technical Context
The vulnerability is rooted in CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - Injection), which represents insufficient input validation and output encoding in SQL context. The affected application, code-projects School Fees Payment System 1.0, fails to properly sanitize or parameterize the 'ID' parameter passed to /branch.php, allowing attackers to inject malicious SQL syntax directly into database queries. The web application architecture suggests a PHP-based backend with direct SQL query construction rather than prepared statements or parameterized queries (likely MySQL/MariaDB). The attack surface is maximized by the lack of authentication requirements (PR:N in CVSS vector) and the simplicity of HTTP-based exploitation over network protocols.
Affected Products
code-projects School Fees Payment System version 1.0 - all installations. CPE data not explicitly provided in source, but inferred CPE would be: cpe:2.3:a:code-projects:school_fees_payment_system:1.0:*:*:*:*:*:*:*. Affected component: /branch.php (parameter: ID). All deployment configurations running this version on accessible web servers are affected regardless of underlying OS, web server (Apache, Nginx), or PHP version, though PHP versions supporting this codebase (likely 5.6+) are prerequisites. No vendor advisory links provided in available references.
Remediation
Immediate remediation steps: (1) **Patch/Upgrade**: Update code-projects School Fees Payment System to a version beyond 1.0 that implements parameterized queries or prepared statements for the /branch.php ID parameter; (2) **Input Validation Workaround** (if patch unavailable): Implement strict whitelist validation ensuring ID parameter contains only numeric characters before query execution (e.g., regex: ^[0-9]+$); (3) **WAF Mitigation**: Deploy Web Application Firewall rules to block requests containing SQL keywords (SELECT, UNION, DROP, etc.) in the ID parameter; (4) **Database Hardening**: Limit database user permissions to minimal required privileges (read-only for queries, no DROP/ALTER); (5) **Access Control**: Restrict /branch.php access via IP whitelisting or authentication layer until patched; (6) **Monitoring**: Enable SQL query logging and audit logs for anomalous query patterns. No official vendor patches referenced; contact code-projects support for security update availability.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today