CVE-2025-2846

7.3 HIGH

📋 TL;DR

This critical SQL injection vulnerability in SourceCodester Online Eyewear Shop 1.0 allows attackers to execute arbitrary SQL commands through the registration function. Remote attackers can potentially access, modify, or delete database content. All deployments of this specific software version are affected.

💻 Affected Systems

Products:
  • SourceCodester Online Eyewear Shop
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the registration component at /oews/classes/Users.php?f=registration. All installations with default configuration are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise, including data theft, data manipulation, authentication bypass, and potential server takeover by chaining the SQL injection to remote code execution.

🟠 Likely Case

Database information disclosure, user data theft, and potential privilege escalation within the application.

🟢 If Mitigated

Limited impact with proper input validation and restrictive database permissions; at most error messages or partial data exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub. Attack can be initiated remotely without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch available. Consider implementing input validation and parameterized queries in the affected Users.php file.

🔧 Temporary Workarounds

Implement Input Validation

all

Add server-side validation to sanitize and validate the ID parameter in the registration function.

Web Application Firewall

all

Deploy a WAF with SQL injection protection rules to block malicious requests.

🧯 If You Can't Patch

  • Disable the registration functionality if not required
  • Implement network segmentation to isolate the application from sensitive databases

🔍 How to Verify

Check if Vulnerable:

Test the registration endpoint with SQL injection payloads in the ID parameter and observe database errors or unexpected behavior.

Check Version:

Check the software version in the application's admin panel or configuration files.

Verify Fix Applied:

Attempt SQL injection attacks against the patched endpoint and verify they are blocked or properly handled.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL syntax in registration requests
  • Database error messages in application logs
  • Multiple failed registration attempts with special characters

Network Indicators:

  • HTTP POST requests to /oews/classes/Users.php with SQL keywords in parameters

SIEM Query:

source="web_logs" AND url_path="/oews/classes/Users.php" AND param="ID" AND (value CONTAINS "' OR " OR value CONTAINS "--" OR value CONTAINS "#")
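
The same detection logic as a small Python script run over constructed log lines, added here as an example and not part of the advisory. The log format, the client addresses and the lower-case `id` parameter name are assumptions, and the POST-body check only works where a proxy or application log records request bodies.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Endpoint and parameter named in the advisory.
TARGET_PATH = "/oews/classes/Users.php"
TARGET_PARAM = "id"  # assumed lower-case; the advisory writes it as "ID"

# The three indicator strings from the advisory's SIEM query, as regexes so
# that spacing and case variants of "' OR" are matched as well.
INDICATORS = [
    re.compile(r"'\s*or\b", re.IGNORECASE),  # quote followed by OR
    re.compile(r"--"),                        # SQL line comment
    re.compile(r"#"),                         # MySQL comment
]
# Constructed log format (an assumption, not a real server's):
#   <client> <method> <path?query> <status> <post-body>
LOG_RE = re.compile(
    r"^(?P<client>\S+) (?P<method>[A-Z]+) (?P<target>\S+) (?P<status>\d{3}) (?P<body>.*)$"
)

def suspicious_values(params):
    """Return the values of TARGET_PARAM that contain any indicator."""
    return [v for v in params.get(TARGET_PARAM, []) if any(p.search(v) for p in INDICATORS)]

def analyze_line(line):
    """Return (client, matched values) for a hit on the endpoint, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if url.path != TARGET_PATH:
        return None
    # parse_qs percent-decodes ("%27+OR" -> "' OR"); merge query string and
    # POST body and normalise parameter names so "ID" and "id" both count.
    params = {}
    for raw in (url.query, m.group("body")):
        for k, vals in parse_qs(raw, keep_blank_values=True).items():
            params.setdefault(k.lower(), []).extend(vals)
    hits = suspicious_values(params)
    return (m.group("client"), hits) if hits else None

def scan(lines):
    """Apply analyze_line to every line and keep only the hits."""
    return [r for r in map(analyze_line, lines) if r]

# Constructed sample log: a hit in a POST body, a clean registration, a hit
# against another path (ignored), and a hit carried in the query string.
SAMPLE_LOG = [
    "198.51.100.7 POST /oews/classes/Users.php?f=registration 200 id=1%27+OR+1%3D1--&firstname=a",
    "198.51.100.8 POST /oews/classes/Users.php?f=registration 200 id=42&firstname=Bob",
    "198.51.100.9 GET /oews/index.php?id=1%27+OR+1%3D1 200 ",
    "203.0.113.5 GET /oews/classes/Users.php?f=registration&id=7%23 200 ",
]
```

Running `scan(SAMPLE_LOG)` flags the first and fourth lines only; the third is ignored because it targets a different path.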

🔗 References
