CVE-2025-11944

4.7 MEDIUM

📋 TL;DR

This SQL injection vulnerability in Vvveb CMS allows attackers to execute arbitrary SQL commands through the Raw SQL Handler import function. It affects all Vvveb installations up to version 1.0.7.3 with the vulnerable component enabled. Remote attackers can potentially access, modify, or delete database content.

💻 Affected Systems

Products:
  • givanz Vvveb CMS
Versions: Up to and including 1.0.7.3
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin access to reach the vulnerable import.php endpoint, but SQL injection can be exploited remotely once authenticated.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data destruction, or full system takeover via SQL injection leading to remote code execution.

🟠 Likely Case

Unauthorized database access leading to data exfiltration, privilege escalation, or data manipulation.

🟢 If Mitigated

Limited impact if database user has minimal privileges and input validation blocks malicious payloads.

🌐 Internet-Facing: HIGH - Attack can be initiated remotely without authentication to vulnerable endpoints.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this if they have network access to the admin interface.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploit requires admin authentication but has been publicly disclosed. The vulnerability is in the Raw SQL Handler component's import function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in commit 52204b4a106b2fb02d16eee06a88a1f2697f9b35

Vendor Advisory: https://github.com/givanz/Vvveb/commit/52204b4a106b2fb02d16eee06a88a1f2697f9b35

Restart Required: No

Instructions:

1. Update to the latest Vvveb version or apply commit 52204b4a106b2fb02d16eee06a88a1f2697f9b35.
2. Replace admin/controller/tools/import.php with the patched version.
3. Verify no custom modifications are overwritten.

🔧 Temporary Workarounds

Disable Raw SQL Handler

Platforms: all

Remove or disable access to the vulnerable import.php file:

  mv admin/controller/tools/import.php admin/controller/tools/import.php.disabled

Web Application Firewall Rules

Platforms: all

Block SQL injection patterns targeting the import endpoint

🧯 If You Can't Patch

  • Restrict admin panel access to trusted IP addresses only
  • Implement database user with minimal required privileges

🔍 How to Verify

Check if Vulnerable:

Check if Vvveb version is ≤1.0.7.3 and admin/controller/tools/import.php exists without the patch commit hash.

Check Version:

Check Vvveb version in configuration files or admin panel

Verify Fix Applied:

Verify import.php contains the patched code from commit 52204b4a106b2fb02d16eee06a88a1f2697f9b35.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed import attempts
  • Admin panel access from unusual IPs

Network Indicators:

  • POST requests to /admin/controller/tools/import.php with SQL patterns
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND uri="/admin/controller/tools/import.php" AND (body CONTAINS "UNION" OR body CONTAINS "SELECT" OR body CONTAINS "INSERT")
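The SIEM query above, as an added example (not from the advisory or the Vvveb project), written as a small Python rule over constructed log records; it also folds in the untrusted-source and repeated-failure indicators listed earlier and URL-decodes bodies before matching. The record fields, sample values and the trusted admin network are assumptions.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Constructed sample records (hypothetical, not taken from the advisory):
# one dict per request with the fields the SIEM query uses (uri, body) plus
# method, source address and response status.
SAMPLE_LOGS = [
    {"src": "10.0.0.12", "method": "POST", "uri": "/admin/controller/tools/import.php",
     "status": 200, "body": "file=products.csv&type=csv"},
    {"src": "198.51.100.7", "method": "POST", "uri": "/admin/controller/tools/import.php",
     "status": 500, "body": "sql=SELECT%20*%20FROM%20user"},
    {"src": "198.51.100.7", "method": "POST", "uri": "/admin/controller/tools/import.php",
     "status": 500, "body": "sql=1%20UNION%20SELECT%20password%20FROM%20user"},
    {"src": "10.0.0.12", "method": "GET", "uri": "/admin/index.php", "status": 200, "body": ""},
    {"src": "10.0.0.12", "method": "POST", "uri": "/index.php?route=search",
     "status": 200, "body": "q=select%20a%20shirt"},
]

IMPORT_URI = "/admin/controller/tools/import.php"
# Keywords from the SIEM query, matched case-insensitively on whole words so a
# lowercase payload is not missed (the literal CONTAINS "UNION" above is case-sensitive).
SQL_KEYWORDS = re.compile(r"\b(UNION|SELECT|INSERT)\b", re.IGNORECASE)
TRUSTED_ADMIN_NETS = ("10.0.0.",)  # assumption: where admins normally log in from


def flag_import_requests(records, fail_threshold=2):
    """Return one alert per POST to the import endpoint that trips any indicator."""
    # Count failed hits on the endpoint per source ("multiple failed import attempts").
    failures = Counter(r["src"] for r in records
                       if r["uri"].split("?")[0] == IMPORT_URI and r["status"] >= 400)
    alerts = []
    for r in records:
        if r["method"] != "POST" or r["uri"].split("?")[0] != IMPORT_URI:
            continue
        reasons = []
        body = unquote_plus(r["body"])  # decode %20 etc. before keyword matching
        kws = sorted({k.upper() for k in SQL_KEYWORDS.findall(body)})
        if kws:
            reasons.append("sql_keywords:" + ",".join(kws))
        if not r["src"].startswith(TRUSTED_ADMIN_NETS):
            reasons.append("untrusted_source")
        if failures[r["src"]] >= fail_threshold:
            reasons.append("repeated_failures")
        if reasons:
            alerts.append({"src": r["src"], "reasons": reasons})
    return alerts
```

Because this endpoint legitimately accepts SQL for imports, keyword hits alone will also fire on genuine admin use; the source and failure indicators are what separate the two in the sample.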
