CVE-2025-3118

6.3 MEDIUM

📋 TL;DR

CVE-2025-3118 is a critical SQL injection vulnerability in SourceCodester Online Tutor Portal 1.0 that allows remote attackers to execute arbitrary SQL commands via the ID parameter in /tutor/courses/view_course.php. This affects all deployments of the vulnerable software version, potentially enabling data theft, modification, or system compromise.

💻 Affected Systems

Products:
  • SourceCodester Online Tutor Portal
Versions: 1.0
Operating Systems: Any OS running PHP/MySQL
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of version 1.0. No specific configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data exfiltration, privilege escalation, or remote code execution if database functions allow it.

🟠 Likely Case

Unauthorized access to sensitive student/tutor data, grade manipulation, or account takeover.

🟢 If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH - Attack can be initiated remotely without authentication, making exposed instances immediately vulnerable.
🏢 Internal Only: MEDIUM - Still exploitable by internal attackers or through compromised internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code available on GitHub. Simple SQL injection requiring minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

Modify /tutor/courses/view_course.php to use prepared statements with parameterized queries instead of concatenating user input.

Replace vulnerable SQL queries with PDO or mysqli prepared statements

Web Application Firewall (WAF) Rules

Deploy WAF rules to block SQL injection patterns targeting the ID parameter.

Add WAF rule: Block requests containing SQL keywords in ID parameter

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with strict input filtering
  • Implement network segmentation to limit database access from the application server

🔍 How to Verify

Check if Vulnerable:

Test by sending an ID parameter containing a SQL injection payload to /tutor/courses/view_course.php and observing database errors or unexpected behavior.

Check Version:

Check application version in admin panel or source code comments

Verify Fix Applied:

Attempt the same SQL injection test after implementing fixes; a successful fix should return proper error handling without exposing database details.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple rapid requests to view_course.php with varying ID parameters

Network Indicators:

  • HTTP requests containing SQL keywords (UNION, SELECT, etc.) in URL parameters

SIEM Query:

source="web_logs" AND url="/tutor/courses/view_course.php" AND (param="ID" AND value MATCHES "(?i)(union|select|insert|delete|drop|--|#)")
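As an added example (not part of the advisory), the SIEM query above implemented as a standalone access-log scanner in Python. It assumes combined-format web server logs (the sample lines are constructed), and extends the page's keyword pattern with word boundaries, a single-quote check and repeated percent-decoding so double-encoded values are not missed:

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

TARGET_PATH = "/tutor/courses/view_course.php"
VULN_PARAM = "ID"
# Page's SIEM keyword list, plus word boundaries and a quote check (assumption)
SQLI_PATTERN = re.compile(r"(?i)(\b(?:union|select|insert|delete|drop)\b|--|#|')")
# Apache/nginx combined log format is assumed for the sample lines below
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')

# Constructed sample log: benign lookup, encoded injection attempt that
# produced a 500, a double-encoded attempt, and a different script entirely.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Apr/2025:10:00:01 +0000] "GET /tutor/courses/view_course.php?ID=12 HTTP/1.1" 200 5120
203.0.113.5 - - [10/Apr/2025:10:00:02 +0000] "GET /tutor/courses/view_course.php?ID=12%27%20UNION%20SELECT%201,2,3--%20- HTTP/1.1" 500 310
203.0.113.9 - - [10/Apr/2025:10:00:03 +0000] "GET /tutor/courses/view_course.php?ID=%2527%2520union%2520select HTTP/1.1" 200 5120
198.51.100.7 - - [10/Apr/2025:10:00:04 +0000] "GET /tutor/courses/select_course.php?ID=7 HTTP/1.1" 200 800
"""


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding; a single decode misses double-encoded payloads."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_line(line):
    """Return a hit dict if the line is a suspicious request to the vulnerable script, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path != TARGET_PATH:  # only the affected script, not every URL
        return None
    # parse_qs decodes one layer; keep_blank_values keeps "ID=" inspectable
    for raw in parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM, []):
        value = fully_decode(raw)
        if SQLI_PATTERN.search(value):
            return {"ip": m.group("ip"), "status": m.group("status"), "value": value}
    return None


def scan_log(text):
    """Scan every line; a 500 status alongside a hit matches the 'SQL error' indicator above."""
    return [hit for hit in (scan_line(l) for l in text.splitlines()) if hit]
```

Correlating hits per source IP over a short window covers the "multiple rapid requests with varying ID parameters" indicator as well.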
