CVE-2025-6502 – This critical SQL injection vulnerability in co... (How to Fix)

📋 TL;DR

This critical SQL injection vulnerability in code-projects Inventory Management System 1.0 allows attackers to manipulate database queries through the user_id parameter in changePassword.php. Remote attackers can potentially access, modify, or delete sensitive data in the database. All users running version 1.0 of this software are affected.

💻 Affected Systems

Products:

code-projects Inventory Management System

Versions: 1.0

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the web interface component accessible via HTTP/HTTPS.

📦 What is this software?

Inventory Management System by Code Projects

View all CVEs affecting Inventory Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including theft of sensitive data, administrative account takeover, and potential remote code execution through database functions.

🟠

Likely Case

Unauthorized access to user credentials, inventory data, and other sensitive information stored in the database.

🟢

If Mitigated

Limited impact with proper input validation and database permissions, potentially only affecting non-sensitive data.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploit requires authentication to access changePassword.php, but SQL injection is straightforward once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

1. Check vendor website for updates
2. If no patch available, implement workarounds
3. Consider migrating to alternative software

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Add parameterized queries and input validation to changePassword.php

Replace raw SQL queries with prepared statements using PDO or mysqli

Access Restriction

linux

Restrict access to changePassword.php file

Add .htaccess rules to limit access to authenticated users only

🧯 If You Can't Patch

Implement web application firewall (WAF) with SQL injection rules
Isolate the system from internet access and restrict to internal network only

🔍 How to Verify

Check if Vulnerable:

Check if /php_action/changePassword.php exists and contains unsanitized user_id parameter usage

Check Version:

Check software version in admin panel or readme files

Verify Fix Applied:

Test changePassword.php with SQL injection payloads to confirm they're blocked

📡 Detection & Monitoring

Log Indicators:

SQL syntax errors in web server logs
Multiple failed password change attempts
Unusual database queries from web application

Network Indicators:

HTTP POST requests to changePassword.php with SQL payloads in parameters

SIEM Query:

source="web_server" AND (url="*changePassword.php*" AND (param="*user_id*" AND value="*' OR *"))

📊 Metadata

CVE ID: CVE-2025-6502

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-74

EPSS Score: 0.04% exploit probability (12.4th percentile)

Published: June 23, 2025

Last Updated: June 27, 2025

🔗 References

https://code-projects.org/ Product
https://github.com/mex135605/cve/issues/1 Exploit,Issue Tracking,Third Party Advisory
https://vuldb.com/?ctiid.313618 Permissions Required,VDB Entry
https://vuldb.com/?id.313618 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.601252 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-6502, you might also want to check these: