CVE-2025-6847

6.3 MEDIUM

📋 TL;DR

A critical SQL injection vulnerability exists in Simple Forum 1.0's /forum_edit.php file, allowing remote attackers to manipulate database queries via the 'iii' parameter. This affects all users running Simple Forum 1.0 with the vulnerable file accessible. Attackers can potentially read, modify, or delete database content.

💻 Affected Systems

Products:
  • Simple Forum
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects any installation with /forum_edit.php accessible. No special configuration required.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, data destruction, or full system takeover if database privileges allow file system access or command execution.

🟠 Likely Case: Unauthorized data extraction from the forum database including user credentials, private messages, and administrative information.

🟢 If Mitigated: Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept available on GitHub. SQL injection via 'iii' parameter is straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

1. Check the vendor website for security updates.
2. If no patch is available, implement workarounds.
3. Consider migrating to supported forum software.

🔧 Temporary Workarounds

Input Validation Filter (platforms: all)

Add input validation to sanitize the 'iii' parameter before processing.

Modify /forum_edit.php to validate the 'iii' parameter as an integer using is_numeric() or similar.

Web Application Firewall (platforms: all)

Deploy WAF rules to block SQL injection patterns.

Add WAF rule: deny requests with SQL keywords in the 'iii' parameter.

🧯 If You Can't Patch

  • Block external access to /forum_edit.php using firewall rules or .htaccess
  • Run the forum under a database user with minimal privileges (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test /forum_edit.php with SQL injection payloads in 'iii' parameter (e.g., ' OR '1'='1)

Check Version:

Check Simple Forum version in admin panel or configuration files

Verify Fix Applied:

Repeat the SQL injection test after implementing fixes; the request should return an error or leak no data.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in web server logs
  • Multiple requests to /forum_edit.php with suspicious parameters

Network Indicators:

  • SQL keywords in HTTP GET/POST parameters
  • Unusual database query patterns

SIEM Query:

source="web_logs" AND uri="/forum_edit.php" AND (param="iii" AND value MATCHES "(?i)(union|select|insert|update|delete|drop|or|and)")
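
An added example, not part of the original advisory: since the workaround treats 'iii' as an integer, a log check can flag every /forum_edit.php request whose decoded 'iii' value is not a plain integer, instead of matching SQL keywords. The access-log format, the function names and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request part of a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# A plain decimal integer; anything else in 'iii' is treated as suspicious.
INTEGER_RE = re.compile(r"[0-9]{1,18}")


def suspicious_iii(line):
    """Return (ip, decoded_value) when the line is a forum_edit.php request
    whose 'iii' parameter is not a plain integer, otherwise None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    # endswith() also covers installs in a subdirectory.
    if not url.path.endswith("/forum_edit.php"):
        return None
    # parse_qs percent-decodes values and turns '+' into a space.
    params = parse_qs(url.query, keep_blank_values=True)
    for value in params.get("iii", []):
        if not INTEGER_RE.fullmatch(value):
            return (m.group("ip"), value)
    return None


def scan(lines):
    """Return all suspicious (ip, value) pairs found in the given log lines."""
    return [hit for hit in map(suspicious_iii, lines) if hit]


# Constructed sample log lines (documentation IP ranges), not real traffic.
# The third value, 1e5, passes PHP's is_numeric() but is not a plain integer.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jul/2025:10:00:01 +0000] "GET /forum_edit.php?iii=12 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jul/2025:10:00:05 +0000] "GET /forum_edit.php?iii=%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9431',
    '203.0.113.9 - - [01/Jul/2025:10:00:09 +0000] "GET /forum_edit.php?iii=1e5 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jul/2025:10:00:12 +0000] "GET /index.php?q=select+a+forum HTTP/1.1" 200 800',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip} sent non-integer iii={value!r}")
```

Access logs normally record only the query string, so this covers GET requests; a value sent in a POST body needs application-level or WAF logging to be visible.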
