CVE-2025-1355

7.3 HIGH

📋 TL;DR

This critical vulnerability in needyamin Library Card System 1.0 allows attackers to upload arbitrary files to the /signup.php endpoint, potentially leading to remote code execution. The vulnerability affects all systems running this software with the vulnerable component enabled. Attackers can exploit this remotely without authentication.

💻 Affected Systems

Products:
  • needyamin Library Card System
Versions: 1.0
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default installation with Add Picture functionality


⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise via web shell upload leading to data theft, ransomware deployment, or use as attack platform

🟠

Likely Case

Web shell installation allowing persistent backdoor access and data exfiltration

🟢

If Mitigated

File upload attempts blocked or quarantined with no successful exploitation

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code publicly available, simple file upload bypass technique

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Vendor unresponsive. Consider alternative software or implement workarounds.

🔧 Temporary Workarounds

Web Application Firewall Rule

Platform: All

Block file uploads to /signup.php or restrict to specific file types

WAF specific - configure rule to block POST requests to /signup.php with file upload content

File Upload Validation

Platform: Linux/Unix

Implement server-side file type validation and restrict upload directory permissions

Modify signup.php to validate file extensions and MIME types
chmod 755 upload_directory/
chown www-data:www-data upload_directory/
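One way to implement the server-side validation the workaround calls for, as an added example written for this page rather than code from the Library Card System project. It assumes the upload form field is named "picture", that pictures are stored in a directory outside the web root, and a 2 MiB size limit; all three are assumptions.

```php
<?php
// Added example (not from the Library Card System project): a hardened
// handler for the "Add Picture" upload. Assumes the form field is named
// "picture" and that $storeDir is a directory outside the web root.
const ALLOWED = [            // extension => MIME type allowlist
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];
const MAX_BYTES = 2 * 1024 * 1024;  // 2 MiB cap (assumed limit)

/**
 * Validates one uploaded file and moves it to $storeDir under a random name.
 * Returns the stored filename, or throws RuntimeException on any failure.
 */
function storePicture(array $file, string $storeDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or no file sent');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }
    // The client-supplied name only selects an allowlist entry; the
    // client-supplied $file['type'] is ignored entirely.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('Extension not allowed');
    }
    // Sniff the actual bytes with finfo and require them to match.
    $detected = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($detected !== ALLOWED[$ext]) {
        throw new RuntimeException('Content does not match extension');
    }
    // It must also parse as an image, not merely start with a magic number.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Not a valid image');
    }
    // Server-chosen random name: no user input reaches the filesystem path.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = rtrim($storeDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644);  // readable by the server, never executable
    return $name;
}
// Usage in signup.php:
// $stored = storePicture($_FILES['picture'], '/var/lib/librarycard/pictures');
```

The chmod/chown commands above control who may write to the upload directory, not whether the web server will execute a .php file it finds there; keep stored pictures outside the document root or disable script execution for that directory in the web server configuration.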

🧯 If You Can't Patch

  • Disable the Add Picture functionality completely
  • Implement network segmentation to isolate the vulnerable system

🔍 How to Verify

Check if Vulnerable:

Attempt to upload a test file (e.g., test.php) to /signup.php and check if it's saved with executable permissions

Check Version:

Check software version in admin panel or readme files

Verify Fix Applied:

Test file upload with various extensions - only allowed types should be accepted

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed/successful file uploads to /signup.php
  • Unusual file types (.php, .jsp, .asp) in upload directory

Network Indicators:

  • POST requests to /signup.php with file upload content
  • Unusual outbound connections from web server

SIEM Query:

source="web_logs" AND uri="/signup.php" AND method="POST" AND (content_type="multipart/form-data" OR user_agent contains "curl" OR user_agent contains "wget")
