Login Sign Up

CVE-2025-11584

7.3 HIGH
SQL Injection

📋 TL;DR

This vulnerability allows attackers to execute arbitrary SQL commands through the txtspecialization parameter in the searchjob.php file of Online Job Search Engine 1.0. Remote attackers can potentially access, modify, or delete database content without authentication. All deployments of version 1.0 are affected.

💻 Affected Systems

Products:
  • Online Job Search Engine
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable by default.

📦 What is this software?

Online Job Search Engine by Fabian

View all CVEs affecting Online Job Search Engine →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data destruction, and potential remote code execution if database permissions allow.

🟠

Likely Case

Unauthorized data access and extraction of sensitive information from the database.

🟢

If Mitigated

Limited impact with proper input validation and database permission restrictions in place.

🌐 Internet-Facing: HIGH - Remote exploitation is possible without authentication.
🏢 Internal Only: MEDIUM - Internal attackers could exploit but external threat is higher.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub, making this easily exploitable.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement proper input validation and parameterized queries for the txtspecialization parameter.

Modify searchjob.php to use prepared statements with parameterized queries

Web Application Firewall Rules

all

Deploy WAF rules to block SQL injection patterns targeting searchjob.php.

Add WAF rule: Block requests containing SQL keywords in txtspecialization parameter

🧯 If You Can't Patch

  • Implement network segmentation to restrict access to the vulnerable application
  • Deploy database monitoring to detect unusual SQL queries and access patterns

🔍 How to Verify

Check if Vulnerable:

Test the txtspecialization parameter in searchjob.php with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and return expected error responses

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts following search queries
  • Requests to searchjob.php with SQL keywords in parameters

Network Indicators:

  • Unusual database connection patterns from web server
  • Large data transfers following search requests

SIEM Query:

source="web_logs" AND uri="/searchjob.php" AND (param="txtspecialization" AND value MATCHES "(?i)(union|select|insert|update|delete|drop|--|#|;)")

📊 Metadata

CVE ID: CVE-2025-11584
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-74
EPSS Score: 0.05% exploit probability (15.4th percentile)
Published: October 10, 2025
Last Updated: October 23, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-11584, you might also want to check these:

CVE-2026-25520 10.0

SandboxJS versions before 0.8.29 have a critical sandbox escape vulnerability that allows attackers ...

Same vulnerability type (CWE-74)
CVE-2026-25586 10.0

This CVE describes a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attac...

Same vulnerability type (CWE-74)
CVE-2025-20281 10.0

An unauthenticated remote code execution vulnerability in Cisco ISE and ISE-PIC API allows attackers...

Same vulnerability type (CWE-74)