CVE-2025-6354

7.3 HIGH

📋 TL;DR

A critical SQL injection vulnerability exists in code-projects Online Shoe Store 1.0, specifically in the customer_signup.php file's email parameter. This allows remote attackers to execute arbitrary SQL commands on the database. All users running Online Shoe Store 1.0 are affected.

💻 Affected Systems

Products:
  • code-projects Online Shoe Store
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default installation. Requires web server with PHP and database backend.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data manipulation, authentication bypass, and potential remote code execution on the database server.

🟠 Likely Case

Unauthorized access to customer data (emails, passwords, addresses), potential privilege escalation, and database manipulation.

🟢 If Mitigated

Limited impact with proper input validation and database permissions, potentially only error messages or partial data exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The exploit has been disclosed publicly, and SQL injection via the email parameter requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries (all platforms)

Modify customer_signup.php to validate email input and use prepared statements

Edit /function/customer_signup.php to replace raw SQL with parameterized queries using PDO or mysqli
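
A sketch of that change, as an added example rather than the project's own code: a concatenated email lookup beside its prepared-statement form, plus a signup routine that validates the address before binding it. The table and column names, the function names, and the in-memory SQLite database (used so the script runs offline with the pdo_sqlite extension) are assumptions; the real schema is not shown on this page.

```php
<?php
// Added example. In-memory SQLite stands in for the application's database.
// Table/column names (customer, email, password_hash) are assumed, not the project's schema.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE customer (id INTEGER PRIMARY KEY, email TEXT UNIQUE, password_hash TEXT)');
$pdo->exec("INSERT INTO customer (email, password_hash) VALUES ('alice@example.test', 'x')");

// Before: the email value is concatenated into the SQL text,
// so quote characters in it change the structure of the query.
function emailExistsConcatenated(PDO $pdo, string $email): bool
{
    $sql = "SELECT COUNT(*) FROM customer WHERE email = '" . $email . "'";
    return (int) $pdo->query($sql)->fetchColumn() > 0;
}

// After: the value is bound as a parameter and is only ever compared as data.
function emailExistsPrepared(PDO $pdo, string $email): bool
{
    $stmt = $pdo->prepare('SELECT COUNT(*) FROM customer WHERE email = :email');
    $stmt->execute([':email' => $email]);
    return (int) $stmt->fetchColumn() > 0;
}

function signup(PDO $pdo, string $email, string $password): string
{
    // Validation narrows the input; parameter binding is what removes the injection.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false || strlen($email) > 254) {
        return 'invalid email';
    }
    if (emailExistsPrepared($pdo, $email)) {
        return 'already registered';
    }
    $stmt = $pdo->prepare('INSERT INTO customer (email, password_hash) VALUES (:email, :hash)');
    $stmt->execute([':email' => $email, ':hash' => password_hash($password, PASSWORD_DEFAULT)]);
    return 'created';
}

$probe = "' OR '1'='1"; // the test string from the "How to Verify" section
var_dump(emailExistsConcatenated($pdo, $probe)); // matches every row
var_dump(emailExistsPrepared($pdo, $probe));     // compared as a literal string
echo signup($pdo, $probe, 'pw'), "\n";
echo signup($pdo, 'bob@example.test', 'correct horse'), "\n";
```

The same probe string gives a different answer from the two lookups, which is the behaviour to look for when verifying the fix on a test instance.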

Web Application Firewall (WAF) (all platforms)

Deploy WAF rules to block SQL injection patterns

Configure WAF to block SQL injection patterns in POST requests to customer_signup.php

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with strict input filtering
  • Implement network segmentation to limit database access from web server

🔍 How to Verify

Check if Vulnerable:

Test email parameter in /function/customer_signup.php with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in configuration files or about page

Verify Fix Applied:

Verify parameterized queries are implemented and test with SQL injection payloads

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed signup attempts with SQL-like patterns

Network Indicators:

  • POST requests to customer_signup.php containing SQL keywords in email parameter

SIEM Query:

source="web_logs" AND uri="/function/customer_signup.php" AND (email CONTAINS "' OR" OR email CONTAINS "UNION" OR email CONTAINS "SELECT")
