Login Sign Up

CVE-2025-12855

4.7 MEDIUM
SQL Injection

📋 TL;DR

CVE-2025-12855 is an SQL injection vulnerability in Responsive Hotel Site 1.0's newsletterdel.php admin file. Attackers can manipulate the 'eid' parameter to execute arbitrary SQL commands remotely. This affects all installations of Responsive Hotel Site 1.0 with the vulnerable file accessible.

💻 Affected Systems

Products:
  • Responsive Hotel Site
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires /admin/newsletterdel.php to be accessible. Default installations are vulnerable.

📦 What is this software?

Responsive Hotel Site by Fabian

View all CVEs affecting Responsive Hotel Site →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data manipulation, or full system takeover via SQL injection to RCE chaining.

🟠

Likely Case

Unauthorized database access allowing extraction of sensitive information like user credentials, personal data, or administrative access.

🟢

If Mitigated

Limited impact if proper input validation and WAF rules block malicious SQL payloads.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin access to reach the vulnerable endpoint. Public proof-of-concept available on GitHub.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider workarounds or replacing the software.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Add parameterized queries or input validation to newsletterdel.php to sanitize the 'eid' parameter.

Edit /admin/newsletterdel.php to use prepared statements with PDO or mysqli.

Access Restriction

linux

Restrict access to /admin/newsletterdel.php via .htaccess or web server configuration.

Order deny,allow
Deny from all
Allow from 127.0.0.1

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with SQL injection rules.
  • Monitor and audit database queries for suspicious activity.

🔍 How to Verify

Check if Vulnerable:

Check if /admin/newsletterdel.php exists and inspect the code for unsanitized 'eid' parameter usage.

Check Version:

Check the software version in the admin panel or configuration files.

Verify Fix Applied:

Test the endpoint with SQL injection payloads to ensure they are blocked or sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts to admin panel

Network Indicators:

  • HTTP requests to /admin/newsletterdel.php with SQL payloads in parameters

SIEM Query:

source="web_logs" AND uri="/admin/newsletterdel.php" AND (param="eid" AND value MATCHES "' OR '1'='1")

📊 Metadata

CVE ID: CVE-2025-12855
CVSS v3 Score: 4.7 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-74
EPSS Score: 0.04% exploit probability (10.2th percentile)
Published: November 7, 2025
Last Updated: November 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-12855, you might also want to check these:

CVE-2026-25520 10.0

SandboxJS versions before 0.8.29 have a critical sandbox escape vulnerability that allows attackers ...

Same vulnerability type (CWE-74)
CVE-2026-25586 10.0

This CVE describes a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attac...

Same vulnerability type (CWE-74)
CVE-2025-20281 10.0

An unauthenticated remote code execution vulnerability in Cisco ISE and ISE-PIC API allows attackers...

Same vulnerability type (CWE-74)