Login Sign Up

CVE-2025-12325

7.3 HIGH
SQL Injection Authentication Bypass

📋 TL;DR

This SQL injection vulnerability in SourceCodester Best Salon Management System 1.0 allows attackers to manipulate database queries through the email parameter in the forgot password functionality. Remote attackers can potentially access, modify, or delete database contents. All installations of version 1.0 are affected.

💻 Affected Systems

Products:
  • SourceCodester Best Salon Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable. The vulnerability exists in the /panel/forgot-password.php file.

📦 What is this software?

Best Salon Management System by Mayurik

View all CVEs affecting Best Salon Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including credential theft, data exfiltration, and potential remote code execution via database functions.

🟠

Likely Case

Unauthorized data access, credential harvesting, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting query execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit available on GitHub. Attack requires no authentication and uses simple SQL injection techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch available. Consider implementing parameterized queries and input validation as workaround.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and parameterized queries for the email parameter in forgot-password.php

WAF Rule Implementation

all

Deploy web application firewall rules to block SQL injection patterns targeting /panel/forgot-password.php

🧯 If You Can't Patch

  • Isolate the system from internet access and restrict to internal network only
  • Implement network segmentation and strict access controls to the affected system

🔍 How to Verify

Check if Vulnerable:

Test the /panel/forgot-password.php endpoint with SQL injection payloads in the email parameter

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and return appropriate error messages

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed password reset attempts with SQL-like patterns

Network Indicators:

  • HTTP requests to /panel/forgot-password.php containing SQL keywords in parameters

SIEM Query:

source="web_logs" AND uri="/panel/forgot-password.php" AND (param="email" AND value CONTAINS "' OR ")

📊 Metadata

CVE ID: CVE-2025-12325
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-74
EPSS Score: 0.04% exploit probability (11.4th percentile)
Published: October 27, 2025
Last Updated: October 30, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-12325, you might also want to check these:

CVE-2026-25520 10.0

SandboxJS versions before 0.8.29 have a critical sandbox escape vulnerability that allows attackers ...

Same vulnerability type (CWE-74)
CVE-2026-25586 10.0

This CVE describes a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attac...

Same vulnerability type (CWE-74)
CVE-2025-20281 10.0

An unauthenticated remote code execution vulnerability in Cisco ISE and ISE-PIC API allows attackers...

Same vulnerability type (CWE-74)