CVE-2025-11104

6.3 MEDIUM

📋 TL;DR

This SQL injection vulnerability in CodeAstro Electricity Billing System 1.0 allows attackers to manipulate database queries through the uid parameter of /admin/bill.php. An attacker who can reach that endpoint can potentially read, modify, or delete sensitive billing data. All systems running the vulnerable version are affected.

💻 Affected Systems

Products:
  • CodeAstro Electricity Billing System
Versions: 1.0
Operating Systems: Any OS running the web application
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the /admin/bill.php endpoint to be accessible. Default installations are vulnerable.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, data manipulation, or system takeover via SQL injection used to execute arbitrary commands.

🟠 Likely Case

Unauthorized access to sensitive billing data and customer information, and potential privilege escalation within the application.

🟢 If Mitigated

Limited impact: proper input validation and restrictive database permissions confine any damage to non-critical data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available. Attack requires access to the admin interface but not necessarily authentication if other vulnerabilities exist.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: https://codeastro.com/

Restart Required: No

Instructions:

1. Check the vendor website for security updates.
2. Apply any available patches.
3. Validate input sanitization in /admin/bill.php.

🔧 Temporary Workarounds

Input Validation and Sanitization

Implement parameterized queries or input validation for the uid parameter in bill.php.

Modify /admin/bill.php to use prepared statements with parameterized queries.
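The workaround above in concrete form, as an added example that is not CodeAstro's code: the same uid lookup written first with string concatenation (the pattern behind this CVE) and then with a PDO prepared statement. The table name `bills`, its columns, the sample rows and the use of an in-memory SQLite database are assumptions so the script runs stand-alone (it needs the pdo_sqlite extension); in the real application `$uid` would come from `$_GET['uid']` and the connection would be the app's MySQL PDO handle.

```php
<?php
// Added example, not part of Electricity Billing System 1.0.
// Assumed schema: table `bills` with columns `uid` and `amount`.

function makeDb(): PDO {
    // In-memory SQLite stands in for the application's database.
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE bills (uid TEXT, amount REAL)');
    // Constructed sample rows.
    $db->exec("INSERT INTO bills VALUES ('101', 42.50), ('102', 13.00), ('103', 99.99)");
    return $db;
}

// BEFORE: the request value is spliced straight into the SQL text, so a quote
// inside $uid ends the literal and the rest of the input becomes SQL syntax.
function billsVulnerable(PDO $db, string $uid): array {
    $sql = "SELECT uid, amount FROM bills WHERE uid = '" . $uid . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// AFTER: a prepared statement with a bound parameter. The driver sends $uid as
// data, never as SQL, so the same input is compared literally against uid.
function billsSafe(PDO $db, string $uid): array {
    $stmt = $db->prepare('SELECT uid, amount FROM bills WHERE uid = :uid');
    $stmt->execute([':uid' => $uid]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = makeDb();
$probe = "' OR '1'='1";   // the probe string quoted in the "How to Verify" section

// The concatenated query returns every row for the probe; the prepared
// statement returns none, because no uid equals that literal string.
printf("vulnerable, uid=101   -> %d row(s)\n", count(billsVulnerable($db, '101')));
printf("vulnerable, uid=probe -> %d row(s)\n", count(billsVulnerable($db, $probe)));
printf("safe,       uid=101   -> %d row(s)\n", count(billsSafe($db, '101')));
printf("safe,       uid=probe -> %d row(s)\n", count(billsSafe($db, $probe)));
```

The prepared statement alone removes the injection; as cheap defense in depth, reject non-numeric ids before the query (`ctype_digit($uid)`), which also gives the "proper error handling" the verification step below looks for.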

Web Application Firewall Rules

Block SQL injection patterns targeting the uid parameter.

Configure the WAF to block requests containing SQL keywords in the uid parameter.

🧯 If You Can't Patch

  • Restrict access to /admin/bill.php using network ACLs or authentication requirements
  • Run the application as a database user with the minimum privileges it needs

🔍 How to Verify

Check if Vulnerable:

Test the uid parameter in /admin/bill.php with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and return proper error handling

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed login attempts followed by bill.php access
  • uid parameter values containing SQL keywords

Network Indicators:

  • HTTP requests to /admin/bill.php with SQL injection patterns in parameters

SIEM Query:

source="web_logs" AND uri="/admin/bill.php" AND (param="uid" AND value MATCHES "(?i)\b(union|select|insert|update|delete|drop|or|and)\b")

The word boundaries keep the short keywords (or, and) from matching inside ordinary values; since uid should be numeric, any non-digit value on this endpoint is itself worth alerting on.
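The SIEM logic above applied to web-server log lines, as an added example that is not part of this advisory or the product. The Apache combined-log layout and every log line below are constructed, the keyword list mirrors the query, and the script reports only requests to /admin/bill.php whose uid is not a plain number and contains a whole-word SQL keyword.

```php
<?php
// Added example: detection over constructed access-log lines (not real traffic).

const SQLI_KEYWORDS = '/\b(union|select|insert|update|delete|drop|or|and)\b/i';

// Constructed sample lines in Apache combined-log shape.
const SAMPLE_LOG = <<<'LOG'
10.0.0.5 - - [01/Jan/2025:10:00:01 +0000] "GET /admin/bill.php?uid=101 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Jan/2025:10:00:07 +0000] "GET /admin/bill.php?uid=101%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 8192 "-" "curl/8.0"
10.0.0.9 - - [01/Jan/2025:10:00:09 +0000] "GET /admin/bill.php?uid=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 500 244 "-" "curl/8.0"
10.0.0.5 - - [01/Jan/2025:10:01:00 +0000] "GET /admin/index.php?uid=1%20OR%201=1 HTTP/1.1" 200 300 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Jan/2025:10:02:00 +0000] "GET /admin/bill.php?uid=oregon HTTP/1.1" 200 512 "-" "Mozilla/5.0"
LOG;

// Returns an alert record for a suspicious bill.php request, or null.
function inspectLine(string $line): ?array {
    // Pull the client IP, request target and status out of the log entry.
    if (!preg_match('/^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP\/[\d.]+" (\d{3})/', $line, $m)) {
        return null;
    }
    [, $ip, $target, $status] = $m;
    $parts = parse_url($target);
    if (($parts['path'] ?? '') !== '/admin/bill.php' || empty($parts['query'])) {
        return null;  // not the vulnerable endpoint
    }
    parse_str($parts['query'], $params);  // percent-decodes, so %27 becomes a quote
    $uid = $params['uid'] ?? null;
    if (!is_string($uid) || ctype_digit($uid)) {
        return null;  // a well-formed numeric uid is what the page expects
    }
    // Whole-word match: "oregon" must not trip on "or".
    if (!preg_match(SQLI_KEYWORDS, $uid)) {
        return null;
    }
    return ['ip' => $ip, 'uid' => $uid, 'status' => (int) $status];
}

function findHits(string $log): array {
    $hits = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        $hit = inspectLine($line);
        if ($hit !== null) {
            $hits[] = $hit;
        }
    }
    return $hits;
}

// Expected: two alerts from 10.0.0.9 (the quote-based probe and the UNION
// probe); the index.php line and the "oregon" value are left alone.
foreach (findHits(SAMPLE_LOG) as $hit) {
    printf("ALERT %s uid=%s status=%d\n", $hit['ip'], $hit['uid'], $hit['status']);
}
```

Decoding the query string before matching matters: the raw request line carries `%27` and `%20`, and a regex run over the undecoded URI would miss patterns split by encoding. A 500 status alongside a hit is also worth correlating with the "unusual SQL errors" log indicator above.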
