EUVD-2025-28717 | CVE-2025-6316 | HIGH 7.3 (CVSS 3.1)
2025-06-20 [email protected]

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline

Analysis Generated: Mar 15, 2026 - 00:19 (vuln.today)
EUVD ID Assigned: Mar 15, 2026 - 00:19 (euvd), EUVD-2025-28717
PoC Detected: Jun 26, 2025 - 21:10 (vuln.today), public exploit code
CVE Published: Jun 20, 2025 - 07:15 (nvd), HIGH 7.3

Description

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. The manipulation of the argument qty leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-6316 is a critical SQL injection vulnerability in code-projects Online Shoe Store version 1.0, specifically in the /admin/admin_running.php file, where the 'qty' parameter is not sanitized before it reaches the database. An unauthenticated remote attacker can exploit this flaw to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with exploit code available. The CVSS score is 7.3 (high); the network attack vector, low complexity, and absence of any privilege or user-interaction requirement mean that exploitation is practical, and active exploitation is feasible.

Technical Context

This vulnerability stems from CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, also known as 'Injection'), specifically SQL injection. The Online Shoe Store application fails to properly validate or parameterize SQL queries when processing the 'qty' (quantity) parameter in the administrative interface at /admin/admin_running.php. Rather than using prepared statements or parameterized queries, the application concatenates user input directly into SQL commands. The affected component appears to handle inventory or order quantity management, a common administrative function in e-commerce applications. This is a classic input validation failure where user-supplied data is treated as executable SQL code without proper escaping or type checking.

Affected Products

Product: code-projects Online Shoe Store, Version: 1.0, Affected File: /admin/admin_running.php, Vulnerable Parameter: qty. CPE string would be: cpe:2.3:a:code-projects:online_shoe_store:1.0:*:*:*:*:*:*:*. This appears to be a niche open-source or commercial e-commerce platform. Affected systems are those running this specific application version without patches. The administrative interface exposure suggests that while authentication may exist at the application level, the SQL injection flaw bypasses intended security controls.

Remediation

Immediate actions:

(1) Update to a patched version of Online Shoe Store if available from code-projects.
(2) Implement parameterized queries/prepared statements for all SQL operations, particularly in /admin/admin_running.php where the 'qty' parameter is processed.
(3) Apply input validation to the 'qty' parameter ensuring it accepts only numeric values.
(4) Use Web Application Firewall (WAF) rules to detect and block SQL injection patterns in the qty parameter (signatures: SQL keywords like UNION, SELECT, OR '1'='1, etc.).
(5) Restrict administrative interface access to trusted IP addresses and implement strong authentication mechanisms.
(6) Conduct code review of all user input handling in administrative functions.

Given the public POC availability, patching should be prioritized within 24-48 hours for exposed instances.
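The parameterized-query and numeric-validation steps from the remediation above, written out in PHP as an added example; this is not code from the Online Shoe Store project, whose actual admin_running.php source is not shown on this page. The table and column names (products.qty, products.id), the request field names, and the existing mysqli handle $db are assumptions, and the same integer check is applied to the id parameter as well, which goes slightly beyond the single parameter the advisory names.

```php
<?php
// Added example, not the project's own code: the real admin_running.php
// source is not on this page. Table/column names (products.qty,
// products.id), the request field names and the $db mysqli handle
// (the application's existing connection) are assumptions.
declare(strict_types=1);

// Weak pattern the advisory describes: the raw parameter is spliced into
// the query text, so whatever the client sends becomes part of the SQL.
//   $db->query("UPDATE products SET qty = " . $_POST['qty'] . " WHERE id = " . $_POST['id']);

// Step 1: accept only a plain decimal integer in a sane range. Anything
// else ("5 OR 1=1", "5'", "1e3", an empty string) yields null.
function parseQty(mixed $raw): ?int
{
    if (!is_string($raw) && !is_int($raw)) {
        return null;
    }
    $qty = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 0, 'max_range' => 1_000_000],
    ]);
    return $qty === false ? null : $qty;
}

// Step 2: bind the validated integers through a prepared statement; the
// values travel separately from the query text and cannot alter it.
function updateQty(mysqli $db, int $productId, int $qty): bool
{
    $stmt = $db->prepare('UPDATE products SET qty = ? WHERE id = ?');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('ii', $qty, $productId);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Request handling for the admin endpoint (assumed field names). Reject
// the request before any SQL runs if either value fails validation.
$qty = parseQty($_POST['qty'] ?? null);
$id  = parseQty($_POST['id'] ?? null);
if ($qty === null || $id === null) {
    http_response_code(400);
    exit('qty and id must be non-negative integers');
}
if (!updateQty($db, $id, $qty)) {
    http_response_code(500);
    exit('update failed');
}
```

Rejecting non-integer input with a 400 before the query also gives the WAF rule in step (4) a clean signal: any request to this endpoint whose qty is not a bare integer is already anomalous.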

Priority Score

57 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.1
CVSS: +36
POC: +20


EUVD-2025-28717 vulnerability details – vuln.today
