CVE-2025-61548

9.8 CRITICAL

📋 TL;DR

This SQL injection vulnerability in edu Business Solutions Print Shop Pro WebDesk lets a remote, unauthenticated attacker run arbitrary SQL against the backend database by supplying a crafted hfInventoryDistFormID parameter to the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint. Successful exploitation can read, modify, or delete database contents, so every deployment of the affected version should be treated as exposed until it is patched or shielded.

💻 Affected Systems

Products:
  • edu Business Solutions Print Shop Pro WebDesk
Versions: 18.34
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the web interface component accessible via HTTP/HTTPS.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise: data theft, data destruction, or, where the application's database account holds elevated rights, a foothold on the host itself via SQL command execution.

🟠 Likely Case

Data exfiltration from the database, including sensitive business information, user credentials, or financial data.

🟢 If Mitigated

Limited impact: with a WAF in front of the endpoint and a least-privilege database account, a successful injection is confined to reading the tables that account can already see.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection flaws in exposed web endpoints are routinely found and exploited with automated tools such as sqlmap, so the window between disclosure and mass scanning is short.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

Contact the vendor for patch availability and apply the fixed release when it is published. If you maintain the application code yourself, the root-cause fix is to pass hfInventoryDistFormID to the database through a parameterized query (for example a SqlParameter on a SqlCommand in ASP.NET) instead of concatenating it into the SQL string; input validation on the parameter is a defence-in-depth layer, not the fix.

🔧 Temporary Workarounds

Web Application Firewall (WAF) (platform: all)

Deploy WAF rules that inspect requests to /PSP/appNET/Store/CartV12.aspx/GetUnitPrice and block SQL injection patterns (quotes, comment sequences, UNION/SELECT, stacked-query separators) in hfInventoryDistFormID. Generic SQLi rule sets such as the OWASP Core Rule Set cover these patterns. Make sure the WAF inspects request bodies and not only query strings: ASP.NET page-method calls of the form Page.aspx/Method are normally POSTed as JSON, so the parameter may never appear in the URL.

Input Validation Filter (platform: windows)

Add a server-side filter in front of the handler that restricts hfInventoryDistFormID to the format the application expects. The parameter name suggests a numeric record identifier, but confirm that against the application before rejecting non-numeric values. Validation narrows the attack surface; it does not replace parameterized queries.

🧯 If You Can't Patch

  • Restrict network access to the vulnerable endpoint with firewall or reverse-proxy rules so only trusted source ranges can reach it.
  • Run the application under a least-privilege database account: no ownership or DDL rights, no access to unrelated tables, and no server-level roles, so a successful injection cannot escalate beyond reading the tables the store needs.

🔍 How to Verify

Check if Vulnerable:

With written authorization, send a baseline request to /PSP/appNET/Store/CartV12.aspx/GetUnitPrice with a legitimate hfInventoryDistFormID value, then repeat it with a boolean probe appended (a condition that is always true, and one that is always false). A true/false pair that produces different responses, or database error text in the response, indicates the parameter reaches the query unsanitized. Use read-only, non-destructive probes only; never send stacked queries that modify data against a production system.

Check Version:

Confirm the running build in the web interface's version/about page or in the application's configuration files. Any 18.34 installation should be treated as affected until the vendor states otherwise.

Verify Fix Applied:

After the vendor fix is installed, repeat the same boolean true/false check against GetUnitPrice: both probes should now return the same response as the baseline (or a clean validation error), with no database error text, and the version shown by the application should be newer than 18.34.

📡 Detection & Monitoring

Log Indicators:

  • Database error text in application or event logs tied to GetUnitPrice requests (for a SQL Server backend, messages such as "Incorrect syntax near" or "Unclosed quotation mark")
  • Bursts of requests to GetUnitPrice from one client with varying hfInventoryDistFormID values, the signature of an automated injection tool

Network Indicators:

  • HTTP requests to /PSP/appNET/Store/CartV12.aspx/GetUnitPrice whose hfInventoryDistFormID value, after URL-decoding, contains quotes, comment sequences (--, /* */), semicolons, or SQL keywords

SIEM Query:

source="web_logs" uri="/PSP/appNET/Store/CartV12.aspx/GetUnitPrice" param="hfInventoryDistFormID" | eval v=lower(urldecode(value)) | where match(v, "\b(union|select|insert|update|delete|drop|exec|waitfor)\b") OR match(v, "'|--|/\*|;")

Decode and case-fold the value before matching: a literal CONTAINS "UNION" filter misses uNiOn, percent-encoded keywords, and UN/**/ION. Each keyword also needs its own comparison; a bare OR "SELECT" OR "INSERT" is not a match condition in most query engines. If the endpoint is called as a POST with a JSON body, web-server access logs will not contain the parameter at all, and the query must run over WAF or application logs that record request bodies.
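The same detection logic, run over a handful of constructed log records so it can be tested offline. This is example code added to this advisory, not part of the product or of any SIEM; the record layout (uri, query, body, client) and the sample lines are invented here, and it handles the parameter whether it arrives in the query string, a JSON body, or a form-encoded body.

```python
"""Flag requests to the GetUnitPrice endpoint whose hfInventoryDistFormID
value looks like SQL injection. Added example for this advisory, not part of
the product or any SIEM. The records below are constructed; in practice they
come from IIS W3C logs (query string) or from WAF/application logs that
capture POST bodies."""
import json
import re
import urllib.parse

ENDPOINT = "/PSP/appNET/Store/CartV12.aspx/GetUnitPrice"
PARAM = "hfInventoryDistFormID"

# Applied after URL-decoding and lower-casing; also applied with /* */ comments removed.
SQLI_PATTERNS = [
    re.compile(r"\b(union|select|insert|update|delete|drop|exec|waitfor|xp_\w+)\b"),
    re.compile(r"['\"]"),                                    # quote that ends a string literal
    re.compile(r"--|/\*|\*/|;"),                              # comments and stacked-query separator
    re.compile(r"\b(or|and)\b\s*[\w'\"]+\s*=\s*[\w'\"]+"),    # tautology such as OR 1=1
]


def normalize(value):
    """Undo repeated URL-encoding, lower-case, and collapse whitespace runs."""
    for _ in range(3):
        decoded = urllib.parse.unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return re.sub(r"\s+", " ", value).strip().lower()


def matched_patterns(value):
    """Return the pattern strings that fire for this value (empty list means clean)."""
    norm = normalize(value)
    uncommented = re.sub(r"/\*.*?\*/", "", norm)   # un/**/ion -> union
    return [p.pattern for p in SQLI_PATTERNS if p.search(norm) or p.search(uncommented)]


def extract_param(record):
    """Pull the parameter from the query string, a JSON body, or a form body."""
    qs = urllib.parse.parse_qs(record.get("query", ""), keep_blank_values=True)
    if PARAM in qs:
        return qs[PARAM][0]
    body = record.get("body") or ""
    if body:
        try:
            obj = json.loads(body)
            if isinstance(obj, dict) and PARAM in obj:
                return str(obj[PARAM])
        except ValueError:
            pass  # not JSON; fall through to form-encoded
        form = urllib.parse.parse_qs(body, keep_blank_values=True)
        if PARAM in form:
            return form[PARAM][0]
    return None


def scan(records):
    """Return one finding per request to the endpoint whose parameter matches an injection pattern."""
    findings = []
    for rec in records:
        if rec.get("uri", "").lower() != ENDPOINT.lower():   # IIS paths are case-insensitive
            continue
        value = extract_param(rec)
        if value is None:
            continue
        hits = matched_patterns(value)
        if hits:
            findings.append({"client": rec.get("client"), "value": value, "patterns": hits})
    return findings


# Constructed sample records for this example (not real traffic).
SAMPLE_RECORDS = [
    {"client": "10.0.0.5", "uri": ENDPOINT, "query": "",
     "body": '{"hfInventoryDistFormID":"1042"}'},
    {"client": "203.0.113.7", "uri": ENDPOINT, "query": "",
     "body": '{"hfInventoryDistFormID":"1042 AND 1=1 -- "}'},
    {"client": "203.0.113.7", "uri": ENDPOINT,
     "query": "hfInventoryDistFormID=1042%27%20UN%2F%2A%2A%2FION%20SELECT%20null--", "body": ""},
    {"client": "198.51.100.9", "uri": ENDPOINT, "query": "",
     "body": '{"hfInventoryDistFormID":"1042;WAITFOR DELAY \'0:0:5\'--"}'},
    {"client": "10.0.0.8", "uri": "/PSP/appNET/Store/CartV12.aspx", "query": "id=1 OR 1=1", "body": ""},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_RECORDS):
        print(finding)
```

The last sample record carries an injection-looking value but is a different endpoint, so it is deliberately ignored; this rule is scoped to the known-vulnerable handler to keep the alert volume manageable. The keyword list and tautology regex will still produce false positives on free-text fields, which is another reason to keep the scope to hfInventoryDistFormID rather than every parameter.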
