Login Sign Up

CVE-2025-12857

4.7 MEDIUM
SQL Injection

📋 TL;DR

CVE-2025-12857 is an SQL injection vulnerability in Responsive Hotel Site 1.0's roombook.php admin file that allows attackers to manipulate database queries via the 'rid' parameter. This enables unauthorized data access, modification, or deletion in the hotel management system. Organizations using this specific software version are affected.

💻 Affected Systems

Products:
  • Responsive Hotel Site
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin access to reach /admin/roombook.php endpoint

📦 What is this software?

Responsive Hotel Site by Fabian

View all CVEs affecting Responsive Hotel Site →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to guest data theft, reservation manipulation, financial fraud, or full system takeover.

🟠

Likely Case

Unauthorized access to guest records, reservation data, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-sensitive data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin authentication but SQL injection is straightforward once authenticated

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

1. Check vendor website for updates 2. Apply parameterized queries to roombook.php 3. Validate and sanitize 'rid' input

🔧 Temporary Workarounds

Input Validation Filter

all

Add input validation to only accept numeric values for rid parameter

Modify roombook.php to include: if(!is_numeric($_GET['rid'])) { die('Invalid input'); }

WAF Rule

all

Implement web application firewall rules to block SQL injection patterns

Add WAF rule: Detect and block SQL injection patterns in GET parameters

🧯 If You Can't Patch

  • Restrict admin panel access to specific IP addresses only
  • Implement database user with minimal required permissions

🔍 How to Verify

Check if Vulnerable:

Test roombook.php with SQL injection payloads like: /admin/roombook.php?rid=1' OR '1'='1

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Verify parameterized queries are implemented and input validation rejects SQL injection attempts

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts to admin panel
  • Suspicious GET parameters containing SQL keywords

Network Indicators:

  • SQL error messages in HTTP responses
  • Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND (uri="/admin/roombook.php" AND (param="rid" AND value MATCH "[';]"))

📊 Metadata

CVE ID: CVE-2025-12857
CVSS v3 Score: 4.7 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-74
EPSS Score: 0.04% exploit probability (10.2th percentile)
Published: November 7, 2025
Last Updated: November 17, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-12857, you might also want to check these:

CVE-2026-25520 10.0

SandboxJS versions before 0.8.29 have a critical sandbox escape vulnerability that allows attackers ...

Same vulnerability type (CWE-74)
CVE-2026-25586 10.0

This CVE describes a sandbox escape vulnerability in SandboxJS library versions before 0.8.29. Attac...

Same vulnerability type (CWE-74)
CVE-2025-20281 10.0

An unauthenticated remote code execution vulnerability in Cisco ISE and ISE-PIC API allows attackers...

Same vulnerability type (CWE-74)