CVE-2025-9150
📋 TL;DR
This CVE describes a SQL injection vulnerability in Surbowl dormitory-management-php software affecting the /admin/violation_add.php endpoint. Attackers can manipulate the ID parameter to execute arbitrary SQL commands, potentially compromising the database. Only unsupported versions of this specific PHP application are affected.
💻 Affected Systems
- Surbowl dormitory-management-php
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including data theft, data manipulation, and potential server takeover via SQL injection leading to remote code execution.
Likely Case
Database information disclosure, data manipulation, and potential authentication bypass affecting dormitory management records.
If Mitigated
Limited impact with proper input validation and database permissions restricting damage to specific tables.
🎯 Exploit Status
Exploit requires access to /admin/violation_add.php endpoint. Public exploit details available in references.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not available - product no longer supported
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Consider migrating to supported software or implementing workarounds.
🔧 Temporary Workarounds
Input Validation and Sanitization
Add parameterized queries or input validation for the ID parameter in violation_add.php
Modify PHP code to use prepared statements: $stmt = $conn->prepare('SELECT * FROM violations WHERE id = ?'); $stmt->bind_param('i', $id);
Web Application Firewall Rules
Block SQL injection patterns targeting the /admin/violation_add.php endpoint
WAF rule to block patterns like: UNION SELECT, OR 1=1, --, ;, '
🧯 If You Can't Patch
- Isolate the application behind a reverse proxy with strict input validation
- Implement network segmentation to restrict access to the vulnerable endpoint
🔍 How to Verify
Check if Vulnerable:
Test the /admin/violation_add.php endpoint with SQL injection payloads like: /admin/violation_add.php?id=2' OR '1'='1
Check Version:
Check git commit hash: git log --oneline -1
Verify Fix Applied:
Test with SQL injection payloads and verify they are rejected or sanitized
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- Multiple failed login attempts from single IP
- Requests to /admin/violation_add.php with SQL patterns
Network Indicators:
- HTTP requests containing SQL keywords (UNION, SELECT, OR) to admin endpoints
- Abnormal traffic patterns to the PHP application
SIEM Query:
source="web_logs" AND uri="/admin/violation_add.php" AND (request LIKE "%UNION%" OR request LIKE "%SELECT%" OR request LIKE "%OR%1%1%")
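The SIEM query above matches on raw request text, so percent-encoded payloads slip past it. As an added example (not code from the page or the project), this Python snippet applies the same indicators after URL decoding, which is the form that reaches the PHP code, and additionally flags any id value that is not an integer, matching the 'i' type used in the prepared-statement workaround; the log lines are constructed, not real traffic.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample access-log lines in combined log format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /admin/violation_add.php?id=2 HTTP/1.1" 200 512
10.0.0.7 - - [01/Jan/2025:10:00:01 +0000] "GET /admin/violation_add.php?id=2%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 8192
10.0.0.7 - - [01/Jan/2025:10:00:02 +0000] "GET /admin/violation_add.php?id=2%20UNION%20SELECT%201,2,3-- HTTP/1.1" 200 8192
10.0.0.9 - - [01/Jan/2025:10:00:03 +0000] "GET /index.php?id=1%27 HTTP/1.1" 200 300
10.0.0.9 - - [01/Jan/2025:10:00:04 +0000] "GET /admin/violation_add.php?id=abc HTTP/1.1" 200 512
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

TARGET_PATH = "/admin/violation_add.php"

# Indicators from the page's WAF list, applied to the decoded id value.
SQLI_PATTERNS = [
    re.compile(r"\bunion\b.*\bselect\b", re.I),
    re.compile(r"\bor\b\s*'?\d+'?\s*=\s*'?\d+", re.I),
    re.compile(r"--"),
    re.compile(r";"),
    re.compile(r"'"),
]


def suspicious_id_values(log_text):
    """Return (ip, decoded id value, reason) for every hit against the endpoint."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse as an access-log entry
        parts = urlsplit(m.group("target"))
        if parts.path != TARGET_PATH:
            continue
        for raw in parse_qs(parts.query, keep_blank_values=True).get("id", []):
            # parse_qs decodes once; a second pass also exposes double-encoded payloads
            value = unquote_plus(raw)
            reason = next((p.pattern for p in SQLI_PATTERNS if p.search(value)), None)
            if reason is None and not value.isdigit():
                reason = "non-integer id"  # allow-list check: the id should be an integer
            if reason is not None:
                hits.append((m.group("ip"), value, reason))
    return hits
```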