CVE-2025-25914

9.8 CRITICAL

📋 TL;DR

A SQL injection vulnerability in Online Exam Mastering System v1.0 allows remote, unauthenticated attackers to execute arbitrary SQL commands via the fid parameter. This can lead to unauthorized reading, modification, or deletion of database contents. Every deployment of v1.0 is affected.

💻 Affected Systems

Products:
  • Online Exam Mastering System
Versions: v1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Any deployment of version 1.0 is vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise: theft or destruction of all stored data, and remote code execution on the underlying server if the database account has file-write privileges (for example MySQL FILE / INTO OUTFILE into the web root) or the driver allows stacked queries.

🟠

Likely Case

Unauthorized access to exam data, student records, and administrative credentials leading to data breach and system manipulation.

🟢

If Mitigated

Limited: with parameterized queries and strict validation of fid in place the injected input never alters a query, and the WAF and segmentation measures below further reduce exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The GitHub reference contains exploit details. Injection via the fid parameter requires no authentication, no tooling beyond an HTTP client, and no prior knowledge of the target.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

No official patch is known. Fix the application code: pass fid to the database as a bound parameter of a prepared statement instead of concatenating it into the SQL string, and reject any value that does not match the expected form (fid is an identifier, so a bounded positive integer is the natural allowlist) before the query runs. Audit the rest of the code base for the same concatenation pattern; a project that builds one query this way usually builds others the same way.

🔧 Temporary Workarounds

Web Application Firewall (WAF)

Platform: all

Deploy a WAF with SQL injection rules in front of the application to block obvious payloads. Treat this as exposure reduction only: generic signatures can be bypassed with encoding and obfuscation, and the injection remains in the code.

Input Validation Filter

Platform: all

Add server-side validation that rejects any fid value not in the expected form (for an identifier, a plain integer) before it reaches the database layer. This is the workaround closest to the real fix.
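The fix and the validation workaround above, shown side by side as an added example (not code from the Online Exam Mastering System project, whose source is not reproduced on this page). The SQLite table, its rows and the assumption that fid is a positive integer identifier are illustrative; the vulnerable function reproduces the concatenation pattern the advisory describes, and the two hardened functions show binding alone and binding plus allowlist validation.

```python
import re
import sqlite3

# Constructed demo database standing in for the application's real one.
# The table name, columns and rows are assumptions for illustration only;
# the advisory does not publish the project's schema.
def build_demo_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE exams (fid INTEGER PRIMARY KEY, title TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO exams VALUES (?, ?, ?)",
        [(1, "Algebra midterm", "alice"),
         (2, "Physics final", "bob"),
         (3, "Unpublished audit exam", "admin")],
    )
    return conn


def lookup_vulnerable(conn, fid):
    """Query built by string concatenation: the pattern behind CVE-2025-25914.
    A value such as  1' OR '1'='1  turns the WHERE clause into a tautology."""
    sql = "SELECT fid, title FROM exams WHERE fid = '" + fid + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized_only(conn, fid):
    """Fix part 1: bind fid as a parameter. The driver sends the value separately
    from the SQL text, so it can never alter the query's structure."""
    return conn.execute("SELECT fid, title FROM exams WHERE fid = ?", (fid,)).fetchall()


# Fix part 2: server-side allowlist validation. The advisory does not state fid's
# type; a bounded positive integer is assumed here because it is an identifier.
FID_RE = re.compile(r"[1-9][0-9]{0,9}")


def validate_fid(raw):
    """Return fid as an int, or raise ValueError (map to HTTP 400 in the handler)."""
    if not isinstance(raw, str) or not FID_RE.fullmatch(raw):
        raise ValueError("invalid fid")
    return int(raw)


def lookup_hardened(conn, fid):
    """Validate first, then bind: defence in depth plus a clean error for bad input."""
    return lookup_parameterized_only(conn, validate_fid(fid))


if __name__ == "__main__":
    db = build_demo_db()
    payload = "1' OR '1'='1"
    print("vulnerable, payload    :", lookup_vulnerable(db, payload))          # every row leaks
    print("parameterized, payload :", lookup_parameterized_only(db, payload))  # no rows
    print("hardened, legitimate   :", lookup_hardened(db, "2"))
    try:
        lookup_hardened(db, payload)
    except ValueError as exc:
        print("hardened, payload      : rejected,", exc)
```

Binding alone is sufficient to neutralise the injection; the validation step is there so tampered input is rejected with a 400 before touching the database and so the same check can be reused by a WAF or filter rule.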

🧯 If You Can't Patch

  • Isolate the system from the internet and restrict access to authorized users only.
  • Implement strict network segmentation and monitor all database queries for anomalies.

🔍 How to Verify

Check if Vulnerable:

Send a request with a SQL payload in the fid parameter (e.g. fid=1' OR '1'='1) and look for database error messages or a result that differs from what fid=1 returns. Because errors may be suppressed, also compare a true condition (fid=1' AND '1'='1) with a false one (fid=1' AND '1'='2): if the first renders the normal page and the second does not, the parameter is injectable. Test only systems you are authorised to assess.

Check Version:

Check application documentation or configuration files for version information.

Verify Fix Applied:

Retest with the same payloads after the fix: tampered values should be rejected outright (e.g. HTTP 400), with no database errors and no difference between the true and false conditions beyond that rejection.
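A small checker for both steps above (is it vulnerable, is the fix applied), added here as an example and not part of the advisory or the project. It builds the four probe URLs, fetches them, and decides from leaked error strings or from a true/false response differential. The target path is hypothetical (the advisory does not name the vulnerable script), the error signatures are the common MySQL/MariaDB and PHP ones, and the three sample response sets are constructed so the logic can be exercised offline.

```python
import urllib.error
import urllib.parse
import urllib.request

# Error strings the MySQL/MariaDB stack and PHP's mysqli/PDO layers commonly leak
# into pages when a query breaks. Extend for other backends.
ERROR_SIGNATURES = (
    "you have an error in your sql syntax",
    "warning: mysqli",
    "warning: mysql",
    "mysqli_fetch",
    "mysql_fetch",
    "sqlstate[",
)


def build_probe_urls(base_url, param="fid", legit="1"):
    """Four requests: a known-good value, a true and a false boolean condition
    appended inside the quoted context, and an unbalanced quote to force an error."""
    sep = "&" if "?" in base_url else "?"

    def with_value(value):
        return base_url + sep + urllib.parse.urlencode({param: value})

    return {
        "baseline": with_value(legit),
        "true": with_value(legit + "' AND '1'='1"),
        "false": with_value(legit + "' AND '1'='2"),
        "error": with_value(legit + "'"),
    }


def assess(bodies):
    """bodies: dict with keys baseline/true/false/error -> response text.
    Returns (verdict, reason)."""
    err = bodies["error"].lower()
    hit = next((s for s in ERROR_SIGNATURES if s in err), None)
    if hit:
        return "vulnerable", "database error leaked on unbalanced quote: " + hit
    if bodies["baseline"] == bodies["true"] and bodies["true"] != bodies["false"]:
        return "vulnerable", "true/false conditions change the page (boolean-based blind)"
    return "not confirmed", "no leaked error and no boolean differential"


def fetch(url, timeout=10):
    """GET a URL and return the body even for 4xx/5xx (error pages carry the signal)."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as exc:
        return exc.read().decode("utf-8", "replace")


def probe(base_url, param="fid"):
    """Run all four requests against a live target you are authorised to test."""
    urls = build_probe_urls(base_url, param)
    return assess({name: fetch(url) for name, url in urls.items()})


# Constructed sample responses for offline use; not captured from a real system.
VULN_ERROR_BASED = {
    "baseline": "<h1>Exam 1</h1><p>Algebra midterm</p>",
    "true": "<h1>Exam 1</h1><p>Algebra midterm</p>",
    "false": "<p>No exam found</p>",
    "error": "You have an error in your SQL syntax; check the manual ... near '''' at line 1",
}
VULN_BLIND = {
    "baseline": "<h1>Exam 1</h1><p>Algebra midterm</p>",
    "true": "<h1>Exam 1</h1><p>Algebra midterm</p>",
    "false": "<p>No exam found</p>",
    "error": "<p>No exam found</p>",   # errors suppressed, but the page still flips
}
FIXED = {
    "baseline": "<h1>Exam 1</h1><p>Algebra midterm</p>",
    "true": "<p>Invalid fid</p>",      # validation rejects every tampered value
    "false": "<p>Invalid fid</p>",
    "error": "<p>Invalid fid</p>",
}

if __name__ == "__main__":
    for name, sample in (("error-based", VULN_ERROR_BASED), ("blind", VULN_BLIND), ("fixed", FIXED)):
        print(name, assess(sample))
    # Live use against a hypothetical endpoint (path is an assumption):
    # print(probe("http://target.example/vulnerable-page.php", "fid"))
```

The exact-equality comparison in assess() assumes the page is static between requests; if it embeds timestamps or CSRF tokens, strip those before comparing, or the blind check will never fire.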

📡 Detection & Monitoring

Log Indicators:

  • SQL syntax errors in the web server or application logs (if the backend is MySQL/MariaDB, "You have an error in your SQL syntax") tied to requests that carry fid
  • Unusual database query patterns originating from the web server, such as UNION queries against tables the exam page never reads, or bursts of near-identical queries differing only in the fid value

Network Indicators:

  • HTTP requests whose fid parameter contains quotes, SQL keywords (OR, AND, UNION, SELECT) or comment sequences (--, #), including their URL-encoded forms such as %27 and %2D%2D
  • Responses for the fid page that are far larger than the baseline (UNION-based extraction returns many rows) or HTTP 500s clustered on that page

SIEM Query (Splunk-style; fid must be an extracted, URL-decoded field, otherwise a %27-encoded quote is never matched):

source="web_logs" AND (fid="*'*" OR fid="*OR*" OR fid="*UNION*" OR fid="*SELECT*" OR fid="*--*")
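The same detection as the query above, run over access-log lines, added here as an example rather than taken from the advisory. It URL-decodes the fid value before matching (so encoded payloads are caught), flags anything that is not a plain integer, and records which SQL markers the value contains. The log lines, IP addresses and script path are constructed; the advisory does not name the vulnerable script.

```python
import re
import urllib.parse

# Constructed Apache combined-format access-log lines. IPs, script path and
# user agents are made up; the advisory does not name the vulnerable script.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2025:12:00:01 +0000] "GET /exam.php?fid=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2025:12:00:02 +0000] "GET /exam.php?fid=12%27+OR+%271%27%3D%271 HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2025:12:00:03 +0000] "GET /exam.php?fid=12%20UNION%20SELECT%201,2,3-- HTTP/1.1" 500 612 "-" "python-requests/2.31"
198.51.100.4 - - [10/Mar/2025:12:00:04 +0000] "GET /index.php?page=home HTTP/1.1" 200 3000 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2025:12:00:05 +0000] "GET /exam.php?fid=12+AND+SLEEP(5) HTTP/1.1" 200 5120 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)
NUMERIC_ID = re.compile(r"\d+")
# Same indicators as the SIEM query, plus AND, time-based primitives and comment forms.
SQLI_MARKERS = re.compile(
    r"""['"]|--|#|/\*|\b(?:OR|AND|UNION|SELECT|SLEEP|BENCHMARK)\b""", re.IGNORECASE
)


def extract_fid(target):
    """Return the URL-decoded fid value from a request target, or None if absent."""
    query = urllib.parse.urlparse(target).query
    values = urllib.parse.parse_qs(query, keep_blank_values=True).get("fid")
    return values[0] if values else None


def analyze(log_text):
    """Flag every request whose fid is not a plain integer and list the SQLi markers it carries."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        fid = extract_fid(m["target"])
        if fid is None or NUMERIC_ID.fullmatch(fid):
            continue
        markers = sorted({x.group(0).upper() for x in SQLI_MARKERS.finditer(fid)})
        findings.append({
            "ip": m["ip"], "time": m["ts"], "fid": fid, "markers": markers,
            "status": int(m["status"]), "size": m["size"],
        })
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

The non-integer check is the high-signal rule for an identifier parameter: the time-based probe in the last sample line carries none of the keywords the SIEM query looks for and would slip past it, but it is still not a number. Status and size are kept on each finding so the 500 and the 48 kB response stand out next to the 5 kB baseline.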

🔗 References
