CVE-2025-0336

6.3 MEDIUM

📋 TL;DR

A SQL injection vulnerability in Codezips Project Management System 1.0 (scored 6.3, Medium, above) allows a remote, unauthenticated attacker to inject arbitrary SQL through the 'name' parameter of /pages/forms/teacher.php. All deployments of version 1.0 are affected; successful exploitation can read or modify database contents and, depending on the privileges of the database account, lead to further compromise of the host.

💻 Affected Systems

Products:
  • Codezips Project Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable by default. The vulnerability exists in the teacher.php file within the /pages/forms/ directory.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the application database, leading to data exfiltration, privilege escalation within the application, or remote code execution where the database account has file-write or command-execution privileges.

🟠

Likely Case

Unauthorized access to sensitive data including user credentials, project information, and personal data stored in the database.

🟢

If Mitigated

Limited impact with proper input validation and parameterized queries preventing successful exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit available on GitHub. Attack requires no authentication and can be performed remotely with simple HTTP requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Add server-side validation of the 'name' parameter before it reaches the query, and modify teacher.php to use parameterized (prepared) queries. Parameterization is the reliable fix; character filtering or escaping alone is a stopgap.

WAF Rule Implementation (applies to: all)

Deploy web application firewall rules to block SQL injection patterns: add a rule that detects and blocks SQL keywords, quote and comment sequences in the 'name' parameter, matched after URL decoding. A WAF reduces exposure but can be bypassed with encoding and keyword variations, so it does not replace the code change.
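The two workarounds above amount to one code change in teacher.php. The following is an added illustration, not code from the Codezips project: the vulnerable function is an assumption about how a 'name' value reaches the query in a page like this one (the real file is not reproduced here), and the mysqli driver, table and column names are invented for the example. It shows the concatenated query beside a prepared-statement version with allow-list validation on top:

```php
<?php
// Added example (not code from the Codezips project). The vulnerable function is an
// assumed reconstruction of how a 'name' value typically reaches the query in a page
// like /pages/forms/teacher.php; the actual file is not reproduced on this page.
// Assumptions: mysqli with mysqlnd, a table 'teachers' with 'id', 'name', 'email'.

// --- Vulnerable pattern: request data concatenated into the SQL string ---------
function find_teacher_vulnerable(mysqli $db, string $name)
{
    // A value like  ' OR '1'='1  rewrites the WHERE clause; a UNION payload
    // can pull rows from other tables into this result set.
    $sql = "SELECT id, name, email FROM teachers WHERE name = '$name'";
    return mysqli_query($db, $sql);
}

// --- Hardened form: prepared statement, value bound as data --------------------
function find_teacher_safe(mysqli $db, string $name): array
{
    // Allow-list validation is defence in depth, not the fix: it rejects
    // obviously malformed input, but the prepared statement is what makes
    // quotes and keywords inert, even for a legitimate name like O'Brien.
    if (!preg_match('/^[\p{L}\p{M} .\'-]{1,100}$/u', $name)) {
        throw new InvalidArgumentException('name: unexpected characters or length');
    }

    $stmt = $db->prepare('SELECT id, name, email FROM teachers WHERE name = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->error);
    }
    $stmt->bind_param('s', $name);   // 's' = string; the value is never spliced into SQL
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

// In the page, read the parameter however the form submits it and call the safe
// version; return a generic error instead of echoing the database message.
// $db   = new mysqli('localhost', 'pms_user', $password, 'pms');
// $name = $_REQUEST['name'] ?? '';
// try {
//     $rows = find_teacher_safe($db, $name);
// } catch (InvalidArgumentException $e) {
//     http_response_code(400);
//     exit('Invalid teacher name');
// }
```

If the code base cannot be moved to prepared statements quickly, mysqli_real_escape_string() on every interpolated value is a weaker interim measure; it depends on the connection charset being set correctly and is easy to miss on one code path, which is why the prepared statement is the form to keep.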

🧯 If You Can't Patch

  • Isolate the system behind a reverse proxy with strict input validation on the 'name' parameter
  • Implement network segmentation so the database is reachable only from the web server
  • Run the application's database account with least privilege (SELECT on the tables the pages need, no FILE or administrative rights) so a successful injection cannot write files or reach other schemas

🔍 How to Verify

Check if Vulnerable:

In a test environment, send a benign boolean-based probe to /pages/forms/teacher.php: compare the response for a known teacher name against the same name suffixed with ' AND '1'='1 and with ' AND '1'='2 in the 'name' parameter. If the first matches the baseline and the second does not, the parameter is injectable. Any unmodified version 1.0 installation should be assumed vulnerable without testing.

Check Version:

Check system documentation or configuration files for version information

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and return appropriate error handling

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in web server or application logs
  • Bursts of requests to teacher.php from one client with varying 'name' values (scanner behaviour)

Network Indicators:

  • HTTP requests to teacher.php with SQL keywords, quotes or comment sequences (URL-encoded or not) in parameters
  • Database queries from the web application's account that reference tables teacher.php does not normally touch, or that contain UNION, SLEEP or BENCHMARK

SIEM Query:

source="web_server" AND uri="/pages/forms/teacher.php" AND param="name" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "--")

Match case-insensitively against the URL-decoded value; single keywords such as SELECT will produce some false positives, so treat hits as triage candidates and correlate them by client address.
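The SIEM query above is only as good as the decoding and grouping it does. The following is an added example, not part of the original page, of the same detection logic run over access-log lines: it extracts the 'name' query parameter for requests to teacher.php, URL-decodes it (twice, to catch double encoding), matches it case-insensitively against a small set of injection markers, and groups hits by client address. The log lines are constructed for the example, and it assumes the parameter travels in a GET query string, since POST bodies do not appear in access logs.

```php
<?php
// Added example, not part of the original page. Scans combined-format access log
// lines for requests to /pages/forms/teacher.php whose 'name' query parameter
// carries SQL injection markers. The sample log lines are constructed.
// Assumption: 'name' is sent in the GET query string; POST bodies are not logged.

const TARGET_PATH = '/pages/forms/teacher.php';

// Checked against the URL-decoded, lower-cased value.
const SQLI_PATTERNS = [
    '/\bunion\b\s+(all\s+)?\bselect\b/',    // union-based extraction
    '/\bselect\b.+\bfrom\b/',               // stacked or subselect payloads
    '/(\'|")\s*(or|and)\s*(\'|")?\d/',      // ' or '1'='1 style tautologies
    '/--|#|\/\*/',                           // comment sequences used to truncate
    '/\bsleep\s*\(|\bbenchmark\s*\(/',       // time-based blind probes
];

/** Return the decoded 'name' value when the request targets teacher.php, else null. */
function extract_name_param(string $logLine): ?string
{
    // Combined log format: ... "GET /path?qs HTTP/1.1" status size ...
    if (!preg_match('/"(?:GET|POST)\s+(\S+)\s+HTTP\/[\d.]+"/', $logLine, $m)) {
        return null;
    }
    $parts = parse_url($m[1]);
    if (($parts['path'] ?? '') !== TARGET_PATH || empty($parts['query'])) {
        return null;
    }
    parse_str($parts['query'], $q);   // parse_str URL-decodes the values once
    return isset($q['name']) ? (string) $q['name'] : null;
}

/** True when the value contains an injection marker. */
function looks_like_sqli(string $value): bool
{
    $v = strtolower(urldecode($value));   // second decode catches double encoding
    foreach (SQLI_PATTERNS as $re) {
        if (preg_match($re, $v)) {
            return true;
        }
    }
    return false;
}

/** Scan log lines and return [client_ip => [suspicious name values]]. */
function scan_log(array $lines): array
{
    $hits = [];
    foreach ($lines as $line) {
        $name = extract_name_param($line);
        if ($name === null || !looks_like_sqli($name)) {
            continue;
        }
        $ip = explode(' ', $line, 2)[0];
        $hits[$ip][] = $name;
    }
    return $hits;
}

// Constructed sample traffic (RFC 5737 documentation addresses, not real clients).
$sample = [
    '203.0.113.7 - - [10/Jan/2025:10:01:02 +0000] "GET /pages/forms/teacher.php?name=Alice HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Jan/2025:10:01:09 +0000] "GET /pages/forms/teacher.php?name=Alice%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9120',
    '198.51.100.4 - - [10/Jan/2025:10:02:15 +0000] "GET /pages/forms/teacher.php?name=x%27%20UNION%20SELECT%20username%2Cpassword%20FROM%20users--%20- HTTP/1.1" 500 0',
    '198.51.100.4 - - [10/Jan/2025:10:03:00 +0000] "GET /pages/forms/student.php?name=%27%20OR%201%3D1 HTTP/1.1" 200 300',
];

foreach (scan_log($sample) as $ip => $values) {
    printf("%s: %d suspicious request(s), e.g. %s\n", $ip, count($values), $values[0]);
}
```

Run against the sample, the first line (a plain name) and the fourth (a different page) are ignored, and one hit is reported for each of the two client addresses. The '#' and '--' markers will occasionally fire on legitimate names, so the output is a triage list, not an alert by itself.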
