CVE-2025-4728

7.3 HIGH

📋 TL;DR

This high-severity (CVSS 7.3) SQL injection vulnerability in SourceCodester Best Online News Portal 1.0 lets a remote, unauthenticated attacker execute arbitrary SQL through the searchtitle parameter of /search.php. Depending on the privileges of the database account, the attacker can read, modify, or delete database content. All installations of version 1.0 are affected.

💻 Affected Systems

Products:
  • SourceCodester Best Online News Portal
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is in the core search handler that ships with the product, so every default installation of version 1.0 is exposed.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise, including data theft and data destruction, and potential code execution on the host if the database account holds privileges such as writing files into the web root.

🟠

Likely Case

Unauthorized data access, data manipulation, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact if the database account is restricted to the tables and privileges the application actually needs; injection attempts will still show up in the logs and should be investigated.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof of concept is available on GitHub. The attack needs no authentication and uses textbook SQL injection against a single GET parameter.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch is available. Check the vendor website for updates, apply the workarounds below in the meantime, or migrate to maintained software.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Add input validation to reject or sanitize the searchtitle parameter before it reaches the database query.

Modify /search.php to build the query with parameterized statements; escaping alone is a weaker fallback and is easy to get wrong.
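As an added example (not the project's own code, and not taken from the advisory), the following shows the vulnerable pattern next to a hardened version of a search handler. The table and column names (tblposts, PostTitle) and the database wiring are assumptions; the point is that a prepared statement keeps the searchtitle value as data instead of letting it rewrite the SQL text.

```php
<?php
// Illustrative search handler in the shape of a typical SourceCodester /search.php.
// NOT the project's code: tblposts, PostTitle and the connection details are assumed.

// --- Vulnerable pattern: the parameter is concatenated into the SQL string ---
// A value such as  ' OR '1'='1  closes the string literal and rewrites the WHERE clause,
// so the query returns every post (and can be extended to UNION SELECT, etc.).
function searchVulnerable(mysqli $con, string $searchtitle): array {
    $sql = "SELECT id, PostTitle FROM tblposts WHERE PostTitle LIKE '%" . $searchtitle . "%'";
    return $con->query($sql)->fetch_all(MYSQLI_ASSOC);
}

// --- Hardened pattern: prepared statement, the value is bound and never parsed as SQL ---
function searchFixed(mysqli $con, string $searchtitle): array {
    $stmt = $con->prepare("SELECT id, PostTitle FROM tblposts WHERE PostTitle LIKE ? LIMIT 50");
    // The wildcards live in the bound value, not in the SQL text. User-supplied
    // % and _ are escaped so they match literally instead of acting as wildcards.
    $pattern = '%' . addcslashes($searchtitle, '%_\\') . '%';
    $stmt->bind_param('s', $pattern);
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC); // get_result() needs mysqlnd
    $stmt->close();
    return $rows;
}

// Hypothetical wiring for /search.php:
// $con  = new mysqli('localhost', 'newsportal_app', 'secret', 'newsportal'); // least-privilege account
// $term = $_GET['searchtitle'] ?? '';
// if (strlen($term) > 100) { http_response_code(400); exit('search term too long'); }
// foreach (searchFixed($con, $term) as $row) {
//     echo '<li>' . htmlspecialchars($row['PostTitle'], ENT_QUOTES, 'UTF-8') . '</li>';
// }
```

The length cap and the least-privilege database account are defence in depth; the prepared statement is the actual fix. Output is HTML-escaped on the way out so that a title stored by an attacker cannot become a second (XSS) problem.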

WAF Rule

Platform: all

Deploy web application firewall rules that block common SQL injection patterns (quote-and-tautology, UNION SELECT, comment terminators, SLEEP/BENCHMARK).

Scope a rule to the searchtitle parameter of /search.php, and make sure it inspects the URL-decoded value so encoded payloads are not missed.

🧯 If You Can't Patch

  • Implement network segmentation so the vulnerable system is reachable only from where it must be
  • Deploy a web application firewall with SQL injection detection rules in front of /search.php
  • Run the application with a least-privilege database account (no FILE, DROP, or write access beyond what the application needs) to limit what a successful injection can do

🔍 How to Verify

Check if Vulnerable:

Send a request to /search.php with an injection payload in searchtitle (e.g. searchtitle=' OR '1'='1); on a vulnerable install the search returns every post instead of only matching titles, or produces a SQL error. Use non-destructive boolean payloads only, and do not test against production data without authorisation.

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Confirm that the same payloads now return only literal (or no) matches with no SQL error, and that the patched /search.php builds the query with bound parameters rather than string concatenation.
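The "Check if Vulnerable" and "Verify Fix Applied" steps above can both be driven by one non-destructive check. The script below is an added example, not part of the advisory or the product: it sends two searches that differ only in an appended always-true versus always-false condition and compares the response sizes. On a vulnerable MySQL-backed install the true branch returns every post and the false branch returns none, so the sizes diverge; after the fix both are searched literally and come back the same. The base URL, the nonsense term, and the 512-byte threshold are assumptions to tune for your deployment.

```php
<?php
// Added example: boolean-based differential check for the searchtitle injection.
// Assumes a MySQL backend (the -- - comment terminator) and a reachable base URL.

function fetchSearch(string $base, string $searchtitle): ?string {
    $url = rtrim($base, '/') . '/search.php?' . http_build_query(['searchtitle' => $searchtitle]);
    $ctx = stream_context_create(['http' => ['timeout' => 10, 'ignore_errors' => true]]);
    $body = @file_get_contents($url, false, $ctx);
    return $body === false ? null : $body;
}

// The decision is separated from the HTTP so it can be reasoned about on its own:
// a large size difference between the "true" and "false" responses means the
// appended condition reached the database as SQL.
function verdictFromBodies(?string $whenTrue, ?string $whenFalse, int $minDelta = 512): string {
    if ($whenTrue === null || $whenFalse === null) {
        return 'error';
    }
    $delta = strlen($whenTrue) - strlen($whenFalse);
    return $delta > $minDelta ? 'likely vulnerable' : 'not confirmed';
}

function checkSearchInjection(string $base): string {
    $nonce = 'zq' . bin2hex(random_bytes(4));   // a term that matches no real title
    // The closing quote plus comment terminator neutralises whatever follows the
    // parameter in the original query, so the exact WHERE clause does not matter.
    $whenTrue  = fetchSearch($base, "$nonce' OR 1=1-- -");
    $whenFalse = fetchSearch($base, "$nonce' OR 1=2-- -");
    return verdictFromBodies($whenTrue, $whenFalse);
}

if (PHP_SAPI === 'cli' && isset($argv[1])) {
    // php check_search.php http://newsportal.example
    echo checkSearchInjection($argv[1]), PHP_EOL;
}
```

Run it before applying the workaround (expect "likely vulnerable") and again afterwards (expect "not confirmed"). "error" means the host did not answer, not that it is safe.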

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed search attempts with special characters
  • Long or unusual search queries

Network Indicators:

  • HTTP requests to /search.php with SQL keywords in parameters
  • Unusual database query patterns from web server

SIEM Query:

source="web_logs" AND uri="/search.php" AND (searchtitle CONTAINS "UNION" OR searchtitle CONTAINS "SELECT" OR searchtitle CONTAINS "OR '1'='1")

Caveat: searchtitle normally arrives URL-encoded (' becomes %27, a space becomes + or %20) and attackers mix case and double-encode, so decode the parameter before matching (or match on the encoded forms too) and compare case-insensitively; as written, the query misses searchtitle=%27+OR+%271%27%3D%271.
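To show the decoding caveat concretely, here is an added example (not from the advisory) that scans access-log lines for injection attempts against /search.php. It URL-decodes the searchtitle value, repeatedly, before matching, which is what a raw CONTAINS rule misses. The log lines and the pattern list are constructed for this example and should be tuned for your environment.

```php
<?php
// Added example: decode-then-match scan of combined-format access logs for
// SQL injection against /search.php. Sample lines are constructed, not real traffic.

const SAMPLE_LOG = <<<'LOG'
203.0.113.5 - - [10/Jun/2025:10:01:02 +0000] "GET /search.php?searchtitle=election HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jun/2025:10:01:07 +0000] "GET /search.php?searchtitle=%27+OR+%271%27%3D%271 HTTP/1.1" 200 88201 "-" "curl/8.0"
203.0.113.9 - - [10/Jun/2025:10:01:09 +0000] "GET /search.php?searchtitle=x%2527%2520UNION%2520SELECT%25201%2C2%2C3--%2520- HTTP/1.1" 500 412 "-" "python-requests/2.31"
198.51.100.2 - - [10/Jun/2025:10:02:00 +0000] "GET /news-details.php?nid=3 HTTP/1.1" 200 7210 "-" "Mozilla/5.0"
LOG;

// Applied to the lower-cased, fully decoded parameter value.
const SQLI_PATTERNS = [
    '/\bunion\b[\s\/\*]+\bselect\b/',          // UNION SELECT, spaces or comments between
    '/\'\s*(or|and)\s+[\w\'"]+\s*=/',          // ' OR '1'='1 style tautologies
    '/(--\s|--$|\/\*)/',                       // comment terminators
    '/\b(sleep|benchmark|load_file)\s*\(/',    // time-based and file primitives
];

// Decode repeatedly to defeat double-encoding; bounded so it cannot loop forever.
function decodeFully(string $v): string {
    for ($i = 0; $i < 3; $i++) {
        $d = urldecode($v);
        if ($d === $v) {
            break;
        }
        $v = $d;
    }
    return $v;
}

// Returns the decoded searchtitle value for requests to /search.php, else null.
function searchTitleFrom(string $line): ?string {
    if (!preg_match('/"(?:GET|POST) (\S+) HTTP\/[\d.]+"/', $line, $m)) {
        return null;
    }
    $parts = parse_url($m[1]);
    if (($parts['path'] ?? '') !== '/search.php') {
        return null;
    }
    parse_str($parts['query'] ?? '', $q);   // parse_str decodes one layer
    return isset($q['searchtitle']) ? decodeFully((string) $q['searchtitle']) : null;
}

// Returns [log line, decoded value] for every line that matches a pattern.
function flagSqli(string $log): array {
    $hits = [];
    foreach (explode("\n", trim($log)) as $line) {
        $value = searchTitleFrom($line);
        if ($value === null) {
            continue;
        }
        $lower = strtolower($value);
        foreach (SQLI_PATTERNS as $re) {
            if (preg_match($re, $lower)) {
                $hits[] = [$line, $value];
                break;
            }
        }
    }
    return $hits;
}

foreach (flagSqli(SAMPLE_LOG) as [$line, $value]) {
    echo "SQLi candidate: decoded searchtitle = {$value}\n";
}
```

On the sample input the second and third lines are flagged (the first is a normal search, the fourth is a different endpoint); the third would be invisible to a rule that inspects the raw, double-encoded query string. Pair the pattern hits with the response-size and status-code anomalies in the same lines (an 88 KB reply or a 500 from the search page) to rank them.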
