CVE-2025-12929

7.3 HIGH

📋 TL;DR

This SQL injection vulnerability in SourceCodester Survey Application System 1.0 allows attackers to manipulate database queries through the fullname parameter in the save_user/update_user functions. Attackers can potentially read, modify, or delete database contents, and the vulnerability is remotely exploitable. Organizations using this specific version of the survey application are affected.

💻 Affected Systems

Products:
  • SourceCodester Survey Application System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation and affects the /LoginRegistration.php file.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data manipulation, privilege escalation, and potential system takeover via SQL injection leading to remote code execution.

🟠 Likely Case

Unauthorized data access and manipulation of survey data, user credentials, and application configuration.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub, making this easily exploitable by attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

1. Check vendor website for security updates.
2. If no patch available, implement workarounds.
3. Consider replacing with alternative software.

🔧 Temporary Workarounds

Input Validation and Sanitization (all platforms)

Implement strict input validation and parameterized queries for all user inputs.

Web Application Firewall Rules (all platforms)

Deploy WAF rules to block SQL injection patterns targeting the fullname parameter.

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with strict input filtering
  • Implement network segmentation to limit database access from the application server

🔍 How to Verify

Check if Vulnerable:

Test the fullname parameter in save_user/update_user functions with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in configuration files or admin panel

Verify Fix Applied:

Verify that parameterized queries are implemented and SQL injection payloads are properly rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts with SQL patterns
  • Database error messages containing user input

Network Indicators:

  • HTTP requests with SQL keywords in fullname parameter
  • Unusual database connection patterns from application server

SIEM Query:

source="web_logs" AND (fullname CONTAINS "' OR" OR fullname CONTAINS "UNION" OR fullname CONTAINS "SELECT")
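
The SIEM query above compares literal strings, so it can miss a fullname value that is logged percent-encoded or in mixed case. The following is an added example, not code from the vendor or from this advisory's sources, that applies the same three patterns to the decoded value; the tab-separated record layout, the username field and the sample records are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# The three patterns from the SIEM query ("' OR", "UNION", "SELECT"), matched
# case-insensitively and on word boundaries, against the decoded value.
SQLI = re.compile(r"'\s*or\b|\bunion\b|\bselect\b", re.IGNORECASE)
TARGET_PATH = "/LoginRegistration.php"  # affected file named in the advisory

def suspicious_fullname(url, body=""):
    """Return decoded fullname values (query string or form body) that match."""
    parts = urlsplit(url)
    if not parts.path.endswith(TARGET_PATH):
        return []
    values = []
    for encoded in (parts.query, body):
        # parse_qs percent-decodes and turns '+' into a space before we match
        values += parse_qs(encoded, keep_blank_values=True).get("fullname", [])
    return [v for v in values if SQLI.search(v)]

def scan(lines):
    """Return (client_ip, decoded_value) for every flagged record.

    Assumed record layout (constructed): ip<TAB>method<TAB>url<TAB>form body
    """
    hits = []
    for line in lines:
        fields = line.rstrip("\n").split("\t")
        if len(fields) < 3:
            continue  # malformed record, nothing to inspect
        body = fields[3] if len(fields) > 3 else ""
        hits += [(fields[0], v) for v in suspicious_fullname(fields[2], body)]
    return hits

# Constructed sample records (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    "198.51.100.7\tPOST\t/LoginRegistration.php\tfullname=Jane+Doe&username=jdoe",
    "203.0.113.9\tPOST\t/LoginRegistration.php\tfullname=x%27+OR+%271%27%3D%271",
    "203.0.113.9\tPOST\t/LoginRegistration.php\tfullname=a%27%20uNiOn%20sElEcT%201",
    "198.51.100.8\tPOST\t/LoginRegistration.php\tfullname=Selectra+Unionville",
    "198.51.100.9\tGET\t/index.php?fullname=%27+OR+1\t",
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip}\tfullname={value!r}")
```

The word-boundary match leaves a name such as "Selectra Unionville" unflagged, and requests to other paths are ignored; double-encoded input is not decoded here.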
