CVE-2025-2385 – CVE-2025-2385 is a critical SQL injection vulne... (How to Fix)

Q: What is the severity of CVE-2025-2385?

CVE-2025-2385 has a CVSS score of 7.3 (HIGH). CVE-2025-2385 is a critical SQL injection vulnerability in Modern Bag 1.0's login.php file that allows attackers to manipulate database queries through userEmail and userPassword parameters. This enables unauthorized data access, modification, or deletion. All users running Modern Bag 1.0 with the vulnerable login.php file are affected.

📋 TL;DR

CVE-2025-2385 is a critical SQL injection vulnerability in Modern Bag 1.0's login.php file that allows attackers to manipulate database queries through userEmail and userPassword parameters. This enables unauthorized data access, modification, or deletion. All users running Modern Bag 1.0 with the vulnerable login.php file are affected.

💻 Affected Systems

Products:

Modern Bag

Versions: 1.0

Operating Systems: Any OS running PHP

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects installations using the vulnerable login.php file. The vulnerability is in the code-projects Modern Bag project.

📦 What is this software?

Modern Bag by Code Projects

View all CVEs affecting Modern Bag →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, authentication bypass, privilege escalation, or full system takeover.

🟠

Likely Case

Unauthorized access to user credentials, personal data, or sensitive application information.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database permissions in place.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable via login.php which is typically internet-facing.

🏢 Internal Only: MEDIUM - Still exploitable by internal threats but attack surface is reduced.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit details are publicly disclosed on GitHub and VulDB. SQL injection via login parameters is typically straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: UNKNOWN

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

1. Check code-projects.org for updated version. 2. If no patch available, manually fix login.php by implementing parameterized queries. 3. Replace raw SQL concatenation with prepared statements.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and sanitization for userEmail and userPassword parameters

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns targeting login.php

🧯 If You Can't Patch

Implement network segmentation to isolate the vulnerable system
Deploy intrusion detection systems monitoring for SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Review login.php source code for raw SQL concatenation with userEmail/userPassword parameters without proper sanitization.

Check Version:

Check application version in configuration files or about pages

Verify Fix Applied:

Test login functionality with SQL injection payloads to ensure they are properly rejected or sanitized.

📡 Detection & Monitoring

Log Indicators:

Unusual SQL syntax in login attempts
Multiple failed login attempts with SQL characters
Database error messages in application logs

Network Indicators:

HTTP POST requests to /login.php containing SQL keywords or special characters

SIEM Query:

source="web_logs" AND uri="/login.php" AND (request_body CONTAINS "' OR" OR request_body CONTAINS "UNION" OR request_body CONTAINS "SELECT *")

📊 Metadata

CVE ID: CVE-2025-2385

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-74

EPSS Score: 0.12% exploit probability (31.3th percentile)

Published: March 17, 2025

Last Updated: April 7, 2025

🔗 References

https://code-projects.org/ Product
https://github.com/MiniSweetBeen/src/issues/2 Exploit,Issue Tracking,Third Party Advisory
https://vuldb.com/?ctiid.299884 Permissions Required,VDB Entry
https://vuldb.com/?id.299884 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.516544 Third Party Advisory,VDB Entry
https://github.com/MiniSweetBeen/src/issues/2 Exploit,Issue Tracking,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-2385, you might also want to check these: