CVE-2025-12238

6.3 MEDIUM

📋 TL;DR

CVE-2025-12238 is an SQL injection vulnerability in code-projects Automated Voting System 1.0 that allows attackers to manipulate database queries via the Username parameter in /admin/user.php. This can lead to unauthorized data access, modification, or deletion. Organizations using this voting system software are affected.

💻 Affected Systems

Products:
  • code-projects Automated Voting System
Versions: 1.0
Operating Systems: Any OS running the web application
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable if the /admin/user.php endpoint is accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the voting database including voter data manipulation, credential theft, and potential system takeover leading to election integrity compromise.

🟠 Likely Case

Unauthorized access to sensitive voter information, modification of voting records, and potential privilege escalation within the system.

🟢 If Mitigated

Limited impact with proper input validation and database permissions, potentially only error messages or minor data exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available on GitHub and vuldb.com, making this easily exploitable by attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

1. Check code-projects.org for security updates
2. Apply any available patches
3. Validate SQL injection protection is implemented

🔧 Temporary Workarounds

Input Validation and Sanitization (all)

Implement strict input validation and parameterized queries for the Username parameter

Web Application Firewall Rules (all)

Deploy WAF rules to block SQL injection patterns targeting /admin/user.php

🧯 If You Can't Patch

  • Isolate the voting system behind a firewall with strict access controls
  • Implement network segmentation to limit database access from the web application

🔍 How to Verify

Check if Vulnerable:

Test the /admin/user.php endpoint with SQL injection payloads in the Username parameter

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify parameterized queries are implemented and test with SQL injection payloads

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts with SQL syntax in Username field
  • Unexpected database errors in application logs

Network Indicators:

  • HTTP requests to /admin/user.php containing SQL keywords like UNION, SELECT, OR 1=1

SIEM Query:

source="web_logs" AND uri="/admin/user.php" AND (query CONTAINS "UNION" OR query CONTAINS "SELECT" OR query CONTAINS "OR 1=1")
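As an added example (not from the advisory or from code-projects), the SIEM logic above run over constructed access-log lines in Python; it adds URL-decoding and case-insensitive matching, which a plain CONTAINS query misses, and it assumes the Username value arrives in a GET query string, since POST bodies are not recorded in standard access logs.

```python
"""Flag SQL injection probes against /admin/user.php in web access logs.

Same indicators as the SIEM query (UNION, SELECT, OR 1=1 in the query),
but decoded and case-insensitive, scoped to the Username parameter.
"""
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (not taken from the page).
SAMPLE_LOGS = [
    '10.0.0.5 - - [12/Nov/2025:10:01:02 +0000] "GET /admin/user.php?Username=alice HTTP/1.1" 200 512',
    '10.0.0.9 - - [12/Nov/2025:10:01:07 +0000] "GET /admin/user.php?Username=x%27%20OR%201%3D1--%20 HTTP/1.1" 200 9811',
    '10.0.0.9 - - [12/Nov/2025:10:01:09 +0000] "GET /admin/user.php?Username=x%27%20union%20select%201,2,3--%20 HTTP/1.1" 500 231',
    '10.0.0.7 - - [12/Nov/2025:10:02:00 +0000] "GET /index.php?Username=x%27%20OR%201%3D1 HTTP/1.1" 200 100',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicators named in the advisory; matched after percent-decoding, any case.
SQLI_RE = re.compile(r"\bunion\b|\bselect\b|\bor\s+1\s*=\s*1\b", re.I)


def parse_line(line):
    """Return a dict with ip, ts, path, params and status, or None if unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["uri"])
    rec["path"] = parts.path
    # parse_qs percent-decodes values, so %27%20OR%201%3D1 becomes ' OR 1=1.
    rec["params"] = parse_qs(parts.query, keep_blank_values=True)
    return rec


def is_sqli_attempt(rec):
    """True when the request targets /admin/user.php with an indicator in Username."""
    if rec is None or rec["path"] != "/admin/user.php":
        return False
    return any(SQLI_RE.search(v) for v in rec["params"].get("Username", []))


def scan(lines):
    """Return (ip, timestamp, decoded Username, status) for each flagged line."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if is_sqli_attempt(rec):
            hits.append((rec["ip"], rec["ts"], rec["params"]["Username"][0], rec["status"]))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOGS):
        print("ALERT possible CVE-2025-12238 probe:", hit)
```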
