CVE-2025-0721

4.3 MEDIUM

📋 TL;DR

This vulnerability allows attackers to inject malicious scripts via the Username parameter in the image_gallery 1.0 view.php file, leading to cross-site scripting (XSS). Remote attackers can execute arbitrary JavaScript in victims' browsers when they view manipulated content. Users of needyamin image_gallery 1.0 are affected.

💻 Affected Systems

Products:
  • needyamin image_gallery
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation when the view.php file is accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers steal session cookies, perform account takeover, redirect users to malicious sites, or deliver malware through drive-by downloads.

🟠 Likely Case: Attackers hijack user sessions, deface websites, or steal sensitive information from logged-in users.

🟢 If Mitigated: Minimal impact with proper input validation, output encoding, and Content Security Policy (CSP) headers in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available, making weaponization straightforward for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None

Restart Required: No

Instructions:

No official patch available. Consider workarounds or migrating to a maintained alternative.

🔧 Temporary Workarounds

Input Validation and Output Encoding
Applies to: all

Sanitize the Username parameter by filtering out script tags and encoding output.

Modify view.php to use htmlspecialchars() or similar functions on the Username value before it is output.

Content Security Policy (CSP)
Applies to: all

Implement CSP headers to restrict script execution sources.

Add header: Content-Security-Policy: default-src 'self'; script-src 'self'

🧯 If You Can't Patch

  • Disable or restrict access to the view.php file if not essential.
  • Implement a Web Application Firewall (WAF) to block XSS payloads.

🔍 How to Verify

Check if Vulnerable:

Test by injecting a script payload into the Username parameter and checking if it executes in the browser.

Check Version:

Check the software version in the application's documentation or configuration files.

Verify Fix Applied:

Verify that script payloads in the Username parameter are properly encoded and do not execute.

📡 Detection & Monitoring

Log Indicators:

  • Unusual Username parameter values containing script tags or JavaScript in access logs.

Network Indicators:

  • HTTP requests to view.php with suspicious Username parameters.

SIEM Query:

source="web_logs" AND uri="/view.php" AND query="*Username=*<script>*"
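The SIEM query above matches only a literal <script> in the query string; access logs usually carry the value percent-encoded (%3Cscript%3E), and event-handler payloads contain no script tag at all. The following added example (not part of this advisory, and not code from the image_gallery project) implements the log indicator described above: it decodes the Username parameter of view.php requests in constructed sample log lines before matching, so encoded, double-encoded and tag-less payloads are all flagged.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Jan/2025:12:00:01 +0000] "GET /view.php?Username=alice HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [10/Jan/2025:12:00:02 +0000] "GET /view.php?Username=<script>alert(1)</script> HTTP/1.1" 200 611 "-" "curl/8.0"
203.0.113.12 - - [10/Jan/2025:12:00:03 +0000] "GET /view.php?Username=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 640 "-" "Mozilla/5.0"
203.0.113.13 - - [10/Jan/2025:12:00:04 +0000] "GET /index.php?page=2 HTTP/1.1" 200 300 "-" "Mozilla/5.0"
203.0.113.14 - - [10/Jan/2025:12:00:05 +0000] "GET /view.php?Username=bob%20smith HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.15 - - [10/Jan/2025:12:00:06 +0000] "GET /view.php?Username=%253Cscript%253E HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# The request line inside a combined-format log entry: "METHOD target HTTP/x.y"
LOG_REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Markers of script injection in a *decoded* parameter value: script tags, common
# tag-based vectors, javascript: URLs and inline event handlers (onerror=, onload=).
XSS_MARKERS = re.compile(
    r"<\s*script|<\s*(svg|img|iframe|object|embed)\b|javascript\s*:|\bon[a-z]+\s*=",
    re.IGNORECASE,
)


def suspicious_username_requests(log_text):
    """Return (line_no, client_ip, decoded_username) for every request to
    view.php whose Username parameter looks like a script payload."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        match = LOG_REQUEST.search(line)
        if not match:
            continue
        parts = urlsplit(match.group("target"))
        if not parts.path.endswith("/view.php"):
            continue
        # parse_qs percent-decodes once; unquote() decodes a second time so that
        # double-encoded values (%253C -> %3C -> <) are inspected in clear form.
        for raw in parse_qs(parts.query, keep_blank_values=True).get("Username", []):
            value = unquote(raw)
            if XSS_MARKERS.search(value):
                hits.append((line_no, line.split(" ", 1)[0], value))
    return hits


if __name__ == "__main__":
    for line_no, ip, value in suspicious_username_requests(SAMPLE_LOG):
        print(f"line {line_no}: {ip} sent Username={value!r}")
```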
