CVE-2025-0947

6.3 MEDIUM

📋 TL;DR

CVE-2025-0947 is a critical SQL injection vulnerability in itsourcecode Tailoring Management System 1.0 that allows remote attackers to execute arbitrary SQL commands via the expid parameter in expview.php. This affects all users running the vulnerable version of the software. Successful exploitation could lead to data theft, modification, or deletion.

💻 Affected Systems

Products:
  • itsourcecode Tailoring Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable if expview.php is accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data exfiltration, data destruction, and potential remote code execution if database functions allow it.

🟠 Likely Case

Unauthorized data access and manipulation, potentially exposing sensitive customer and business information.

🟢 If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub, making this easily exploitable.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://itsourcecode.com/

Restart Required: No

Instructions:

No official patch available. Consider workarounds or migrating to alternative software.

🔧 Temporary Workarounds

Input Validation Filter

all

Add input validation to sanitize the expid parameter before processing.

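Modify expview.php to validate the expid parameter as an integer before it reaches any query. is_numeric() also accepts floats, exponents and signed values, so use an integer filter instead: if (filter_var($_GET['expid'] ?? null, FILTER_VALIDATE_INT) === false) { die('Invalid input'); }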

WAF Rule

all

Implement web application firewall rules to block SQL injection patterns.

Add WAF rule (ModSecurity syntax): SecRule ARGS:expid "@detectSQLi" "id:1001,phase:2,deny,status:403"

🧯 If You Can't Patch

  • Restrict access to expview.php using IP whitelisting or authentication
  • Run the application with a database user that has minimal permissions (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test if expview.php accepts SQL injection payloads in expid parameter: http://target/expview.php?expid=1' OR '1'='1

Check Version:

Check software version in admin panel or readme files.

Verify Fix Applied:

Repeat the test with the same payloads after implementing the fixes. The request should return an error or show no SQL injection behavior.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple requests to expview.php with suspicious parameters

Network Indicators:

  • HTTP requests containing SQL keywords in expid parameter
  • Abnormal database query patterns

SIEM Query:

source="web_logs" AND uri="*expview.php*" AND (query="*UNION*" OR query="*SELECT*" OR query="*OR '1'='1*")
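A stricter complement to the keyword query above, as an added example that is not part of the original advisory: because expid is expected to be an integer, this flags any request to expview.php whose URL-decoded expid is not a plain integer, which also catches encoded payloads that a raw keyword match misses. The combined access-log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request portion of a combined-format access log line (assumed log format).
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# An integer id of sane length; anything else in expid is treated as anomalous.
INTEGER_RE = re.compile(r"[0-9]{1,10}")

def suspicious_expid(line):
    """Return (client_ip, decoded_expid) when the line is a request to
    expview.php with a non-integer expid, otherwise None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not url.path.lower().endswith("/expview.php"):
        return None
    # parse_qs percent-decodes values and turns '+' into a space,
    # so the check runs on what the application would actually receive.
    for value in parse_qs(url.query, keep_blank_values=True).get("expid", []):
        if not INTEGER_RE.fullmatch(value):
            return m.group("ip"), value
    return None

def scan(lines):
    """Return every suspicious (client_ip, decoded_expid) hit, in log order."""
    return [hit for hit in map(suspicious_expid, lines) if hit]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Feb/2025:10:01:02 +0000] "GET /expview.php?expid=12 HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Feb/2025:10:01:05 +0000] "GET /expview.php?expid=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 4096',
    '203.0.113.9 - - [10/Feb/2025:10:01:09 +0000] "GET /app/expview.php?expid=1+union+select+1 HTTP/1.1" 500 310',
    '198.51.100.4 - - [10/Feb/2025:10:02:00 +0000] "GET /index.php?expid=abc HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"non-integer expid from {ip}: {value!r}")
```

An allow-list check like this has far fewer false negatives than keyword matching, at the cost of also flagging harmless malformed requests, which are still worth reviewing for this endpoint.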
