CVE-2025-10973

7.3 HIGH

📋 TL;DR

This CVE describes a SQL injection vulnerability in the JackieDYH Resume-management-system: the userid parameter of /admin/show.php is used to build a SQL query without validation or parameterization. An attacker who can reach the endpoint can inject arbitrary SQL and read or modify the application's database. Deployments at or before commit fb6b857d852dd796e748ce30c606fe5e61c18273 are affected; no fixed commit has been published.

💻 Affected Systems

Products:
  • JackieDYH Resume-management-system
Versions: Up to commit fb6b857d852dd796e748ce30c606fe5e61c18273 (rolling release model)
Operating Systems: Any OS running the vulnerable software
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerable code path in /admin/show.php is reached in the default configuration. Because the project ships as a rolling release from a Git repository, there are no version numbers to compare against, only commit hashes.

⚠️ Manual Verification Required

This CVE does not carry version-range data, so automated version matching cannot determine whether a system is affected.

Why? The project ships as a rolling release and the vendor did not respond to the disclosure, so neither the vendor nor NVD has published affected or fixed version ranges; the commit hash above is the only identifier of the vulnerable code.


Recommended Actions:
  1. Review the CVE details at NVD
  2. Watch the project's GitHub repository for a fix commit (there is no vendor advisory to check)
  3. Test whether the vulnerability is exploitable in your environment (see How to Verify below)
  4. If a fix commit appears, update to it; until then, apply the workarounds below

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise: theft or modification of every table the application's database account can reach, takeover of application admin accounts via stolen credentials, and file read/write or code execution on the database host if that account holds FILE or equivalent privileges.

🟠 Likely Case

Unauthorized read access to stored resume data (applicants' personal details), extraction of stored application credentials, and from those, administrative access to the application.

🟢 If Mitigated

Negligible impact: with userid validated as an integer and passed to the database as a bound query parameter, no input value can alter the statement, and a least-privilege database account limits what any residual injection elsewhere in the application could reach.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and the exploit has been published, making internet-facing instances prime targets.
🏢 Internal Only: MEDIUM - Internal instances are still vulnerable but require network access; risk depends on internal network segmentation and access controls.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details have been published on GitHub. The page sits under /admin/, so exploitation is reported to require access to the admin interface; confirm that show.php actually enforces an authenticated admin session before it runs the query, because if it does not, the endpoint is effectively unauthenticated. Once the endpoint is reachable, the injection itself is straightforward: the userid value goes straight into the SQL statement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. The vendor did not respond to disclosure. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

Platform: all

Accept only a bare decimal integer for the userid parameter in /admin/show.php (reject anything containing quotes, spaces, comment sequences or letters), cast it to int, and pass it to the database as a bound parameter of a prepared statement rather than concatenating it into the query string. Validation on its own is a stopgap; the bound parameter is what actually removes the injection.
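The following is an added example, not the project's code: a hypothetical reconstruction of the concatenation pattern behind this class of bug, next to a hardened handler that validates userid as an integer and binds it with PDO. The connection, the `resume` table and its `userid` column are assumed placeholders.

```php
<?php
// Added example (not the project's code): a hypothetical reconstruction of the
// vulnerable pattern in /admin/show.php beside a hardened handler.
// Assumed: a PDO connection to MySQL and a table `resume` with an integer
// `userid` column. Both names are placeholders.
declare(strict_types=1);

// --- Vulnerable pattern: request value concatenated into SQL text ---
function build_query_vulnerable(string $userid): string
{
    // userid=1 OR 1=1 returns every row; userid=-1 UNION SELECT ... reads
    // other tables; userid=1' yields a syntax error that leaks DB details.
    return "SELECT id, name, email FROM resume WHERE userid = " . $userid;
}

// --- Hardened pattern, step 1: validate the shape of the input ---
function parse_userid($raw): ?int
{
    // Accept only a canonical positive decimal integer (no sign, no leading
    // zeros, no whitespace, at most 10 digits); everything else is rejected.
    if (!is_string($raw) || preg_match('/\A[1-9][0-9]{0,9}\z/', $raw) !== 1) {
        return null;
    }
    return (int) $raw;
}

// --- Hardened pattern, step 2: bind the value instead of splicing it ---
function fetch_resume(PDO $pdo, int $userid): array
{
    // The SQL text is fixed; userid travels to the server as a typed parameter,
    // so no input value can change the statement's structure.
    $stmt = $pdo->prepare('SELECT id, name, email FROM resume WHERE userid = :userid');
    $stmt->bindValue(':userid', $userid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

if (PHP_SAPI === 'cli') {
    // Offline demonstration of the validator (no database needed).
    foreach (['42', '1 OR 1=1', "1'", '-1 UNION SELECT 1,2,3', '007', ''] as $probe) {
        $parsed = parse_userid($probe);
        printf("%-26s -> %s\n", var_export($probe, true),
               $parsed === null ? 'rejected (HTTP 400)' : "accepted as $parsed");
    }
} else {
    // Request handling as it would sit near the top of /admin/show.php, after
    // the admin session check (assumed to exist and to run before this point).
    $userid = parse_userid($_GET['userid'] ?? null);
    if ($userid === null) {
        http_response_code(400);
        exit('invalid userid');
    }
    // $pdo = new PDO('mysql:host=localhost;dbname=resume', $dbUser, $dbPass,
    //     [PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
    // $rows = fetch_resume($pdo, $userid);
}
```

Running the file from the command line prints which probes the validator rejects; only `42` is accepted. The emulated-prepares setting matters: with PDO::ATTR_EMULATE_PREPARES left at its default, PDO quotes bound values client-side, which is still safe for a PARAM_INT value but is not a true server-side prepare; setting it to false makes MySQL parse the statement before any value arrives. Rejecting malformed input is useful defence in depth, but the bound parameter is the actual fix.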

Web Application Firewall (WAF)

Platform: all

Deploy a WAF with SQL injection rules in front of the application and, where the rule set allows it, add a targeted rule that rejects any request to /admin/show.php whose userid is not purely numeric. Generic SQLi signatures can be bypassed with encoding and comment tricks, so treat the WAF as a stopgap, not a fix.

🧯 If You Can't Patch

  • Isolate the vulnerable system in a restricted network segment with minimal access
  • Put the /admin/ path behind an additional authentication layer (VPN, reverse-proxy authentication or an IP allowlist) and monitor for suspicious SQL queries
  • Run the application with a least-privilege database account: no FILE privilege and no access to databases other than its own

🔍 How to Verify

Check if Vulnerable:

Check whether your deployment's checkout is commit fb6b857d852dd796e748ce30c606fe5e61c18273 or an ancestor of it; with no fix published, every checkout as of the disclosure date is affected. To confirm the injection without exploiting it, compare the responses to /admin/show.php with userid set to a valid integer and to the same integer followed by a single quote: a database error, a blank page or a different result for the second request means the value reaches the query unescaped. Use a test instance where possible and do not run automated injection tools against production data.

Check Version:

Identify the deployed commit from the Git history of the application directory; there are no release version numbers to compare against.

Verify Fix Applied:

Verify that show.php validates userid as an integer and passes it to the database as a bound query parameter, and that a request with a non-numeric userid (for example a trailing single quote) is rejected by the application rather than producing a database error or altered output.

📡 Detection & Monitoring

Log Indicators:

  • Queries against the resume tables containing UNION, SLEEP, information_schema or comment sequences in the MySQL general or slow query log
  • Multiple failed login attempts to the admin interface followed by requests to /admin/show.php
  • userid values in web server access logs that are not a plain integer, including percent-encoded quotes (%27) and comment markers (--, %23)

Network Indicators:

  • SQL injection patterns in HTTP requests to /admin/show.php, including their percent-encoded forms
  • Unusual query volume or unusually large result sets flowing from the web server to the database, consistent with table dumping

SIEM Query (pseudo-syntax; adapt to your platform):

source="web_server" AND uri="/admin/show.php" AND (userid CONTAINS "'" OR userid CONTAINS "%27" OR userid CONTAINS "--" OR userid CONTAINS "UNION" OR NOT userid MATCHES "^[0-9]+$")

Access logs keep the query string percent-encoded, so either match the encoded forms or decode the field before matching; the tightest rule is simply to alert on any userid that is not purely numeric. POST bodies are not recorded in access logs, so this only catches GET requests.
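The detection logic above, as an added example that is not part of the original page: a PHP script that parses combined-format access log lines, percent-decodes the query string, and flags every request to /admin/show.php whose userid is not a bare integer. The log lines are constructed for the illustration; the IPs, timestamps and user agents are placeholders.

```php
<?php
// Added example (not the project's code and not the page's SIEM query):
// scans combined-format access log lines for requests to /admin/show.php
// whose userid parameter is anything other than a bare integer. The query
// string is decoded first, so %27 is seen as a quote. The log lines are
// constructed for this illustration.
declare(strict_types=1);

function sample_log(): string
{
    return <<<'LOG'
203.0.113.5 - - [10/Oct/2025:12:00:01 +0000] "GET /admin/show.php?userid=42 HTTP/1.1" 200 1834 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2025:12:00:07 +0000] "GET /admin/show.php?userid=42%27 HTTP/1.1" 500 0 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2025:12:00:09 +0000] "GET /admin/show.php?userid=42%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 1834 "-" "sqlmap/1.8"
198.51.100.7 - - [10/Oct/2025:12:01:00 +0000] "GET /admin/show.php?userid=-1%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 2210 "-" "curl/8.5.0"
198.51.100.7 - - [10/Oct/2025:12:01:30 +0000] "GET /admin/index.php?page=2 HTTP/1.1" 200 512 "-" "curl/8.5.0"
LOG;
}

/**
 * Returns one finding per suspicious request:
 * ['ip', 'time', 'method', 'userid' (decoded), 'status', 'ua'].
 */
function scan_access_log(string $log): array
{
    $findings = [];
    // Combined log format: ip ident user [time] "method target proto" status bytes "referer" "ua"
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"/';

    foreach (preg_split('/\R/', trim($log)) as $line) {
        if (preg_match($re, $line, $m) !== 1) {
            continue;                        // not a combined-format line
        }
        [, $ip, $time, $method, $target, $status, $ua] = $m;

        $path  = parse_url($target, PHP_URL_PATH);
        $query = parse_url($target, PHP_URL_QUERY) ?? '';
        if ($path !== '/admin/show.php') {
            continue;
        }
        parse_str($query, $params);          // percent-decodes: %27 -> ', %20 -> space
        $userid = $params['userid'] ?? null;
        if (!is_string($userid)) {
            continue;                        // no userid, or userid[] array form
        }
        // Allowlist check: a legitimate value is digits only. Anything else
        // (quotes, spaces, UNION, comment markers) is flagged, signature or not.
        if (preg_match('/\A[0-9]+\z/', $userid) === 1) {
            continue;
        }
        $findings[] = [
            'ip' => $ip, 'time' => $time, 'method' => $method,
            'userid' => $userid, 'status' => (int) $status, 'ua' => $ua,
        ];
    }
    return $findings;
}

if (PHP_SAPI === 'cli') {
    foreach (scan_access_log(sample_log()) as $f) {
        printf("%s %s %s userid=%s status=%d ua=%s\n",
               $f['time'], $f['ip'], $f['method'], $f['userid'], $f['status'], $f['ua']);
    }
}
```

On the constructed input the three attack lines are flagged (the quote probe, the time-based SLEEP payload and the UNION payload) while the legitimate userid=42 request and the unrelated index.php hit are not. Because the check is an allowlist (digits only) rather than a list of signatures, it also catches payloads that the quote, UNION and comment patterns in the query above would miss. To run it against real data, replace sample_log() with the contents of your access log. Limitations: POST bodies are not in access logs, and a reverse proxy that re-encodes or strips query strings changes what the web server records.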
