CVE-2025-1116
📋 TL;DR
This critical SQL injection vulnerability in Dreamvention Live AJAX Search Free for OpenCart allows remote attackers to execute arbitrary SQL commands via the 'keyword' parameter. Attackers can potentially read, modify, or delete database content, including sensitive user data. All OpenCart installations using affected versions of this extension are vulnerable.
💻 Affected Systems
- Dreamvention Live AJAX Search Free for OpenCart
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, data destruction, or full system takeover via SQL injection to RCE chaining
Likely Case
Database information disclosure including user credentials, order data, and administrative access
If Mitigated
Limited impact with proper input validation and database permissions, potentially only error messages or partial data exposure
🎯 Exploit Status
Exploit details are publicly available in GitHub gist, making this easily exploitable
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.0.7 or later
Vendor Advisory: Not available
Restart Required: No
Instructions:
1. Update to Live AJAX Search Free version 1.0.7 or later from the OpenCart extension marketplace. 2. If update not available, remove the extension entirely.
🔧 Temporary Workarounds
Disable vulnerable extension
allTemporarily disable the Live AJAX Search extension until patched
Navigate to OpenCart admin > Extensions > Extensions > Modules > Live AJAX Search > Disable
WAF rule for SQL injection
allImplement web application firewall rules to block SQL injection attempts on search parameters
🧯 If You Can't Patch
- Remove the Live AJAX Search extension entirely from your OpenCart installation
- Implement strict input validation and parameterized queries at the application level
🔍 How to Verify
Check if Vulnerable:
Check extension version in OpenCart admin panel: Extensions > Extensions > Modules > Live AJAX SearchCheck Version:
Check OpenCart admin panel or examine extension files for version informationVerify Fix Applied:
Verify extension version is 1.0.7 or higher and test search functionality with SQL injection test payloads📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- Multiple failed search attempts with SQL syntax
- Requests to /?route=extension/live_search/module/live_search.searchresults with suspicious parameters
Network Indicators:
- HTTP POST/GET requests containing SQL keywords (UNION, SELECT, INSERT) in search parameters
- Abnormal traffic patterns to search endpoints
SIEM Query:
source="web_logs" AND (url="*live_search.searchresults*" AND (param="*UNION*" OR param="*SELECT*" OR param="*INSERT*"))