CVE-2025-10798

7.3 HIGH

📋 TL;DR

This SQL injection vulnerability in code-projects Hostel Management System 1.0 allows attackers to manipulate database queries through the ID parameter in the admin interface. Remote attackers can potentially read, modify, or delete database content. All installations of version 1.0 with the vulnerable file accessible are affected.

💻 Affected Systems

Products:
  • code-projects Hostel Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the /justines/admin/mod_roomtype/index.php?view=view endpoint to be accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data destruction, or full system takeover via SQL injection leading to remote code execution.

🟠 Likely Case

Unauthorized data access, privilege escalation, or data manipulation in the hostel management database.

🟢 If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin access but SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Implement input validation and parameterized queries in /justines/admin/mod_roomtype/index.php.

🔧 Temporary Workarounds

Input Validation (applies to: all)

Add server-side validation to ensure the ID parameter contains only numeric values.

Modify the PHP code to validate $_GET['ID'] with is_numeric() or filter_var().

Web Application Firewall (applies to: all)

Deploy WAF rules to block SQL injection patterns.

Add a WAF rule that denies requests with SQL keywords in the ID parameter.
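As an added illustration of the fix described above (not code from the Hostel Management System project or from this advisory): the ID parameter is validated as a positive integer with filter_var(), which is stricter than is_numeric(), and is then bound as a typed parameter in a mysqli prepared statement instead of being concatenated into the query. The table and column names (roomtype, rt_id, rt_name, rt_price) and the $db connection are assumptions, not the project's real schema.

```php
<?php
// Added example (not the project's own code): hardened handling of the
// ID parameter in a mod_roomtype "view" handler. Table/column names and
// the $db connection are assumptions.

/**
 * Accept only a positive integer for ID. FILTER_VALIDATE_INT rejects
 * inputs such as "1.5", "1e3", " 1" and "1' OR '1'='1", all of which
 * is_numeric() would either accept or leave for the query to interpret.
 */
function validateRoomTypeId(?string $raw): ?int
{
    if ($raw === null) {
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/**
 * Fetch one room type with a prepared statement: the ID travels as a
 * bound integer parameter and is never part of the SQL text.
 * (get_result() needs the mysqlnd driver, the default in modern PHP.)
 */
function fetchRoomType(mysqli $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT rt_id, rt_name, rt_price FROM roomtype WHERE rt_id = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->error);
    }
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Request handling: reject anything that is not a valid ID before the
// database is touched, so the injection payload never reaches a query.
$id = validateRoomTypeId($_GET['ID'] ?? null);
if ($id === null) {
    http_response_code(400);
    exit('Invalid room type ID');
}
// $db is assumed to be the application's existing mysqli connection.
$roomType = fetchRoomType($db, $id);
```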

🧯 If You Can't Patch

  • Restrict access to /justines/admin/ directory to trusted IP addresses only
  • Implement database user with minimal permissions (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test the endpoint with SQL injection payload: /justines/admin/mod_roomtype/index.php?view=view&ID=1' OR '1'='1

Check Version:

Check version in application files or database configuration

Verify Fix Applied:

Test with the same payload after the fix is applied: the request should be rejected with a validation error or return no data, rather than the injected query result.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts to admin interface
  • Unusual database queries from web server
  • SQL syntax errors in application logs

Network Indicators:

  • HTTP requests with SQL keywords in parameters
  • Unusual traffic patterns to admin endpoints

SIEM Query:

source="web_logs" AND (uri="*mod_roomtype*" AND (param="*OR*" OR param="*UNION*" OR param="*SELECT*"))
