CVE-2025-9419

7.3 HIGH

📋 TL;DR

This SQL injection vulnerability in itsourcecode Apartment Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter in /unit/addunit.php. This can lead to unauthorized data access, modification, or deletion. All deployments of version 1.0 are affected.

💻 Affected Systems

Products:
  • itsourcecode Apartment Management System
Versions: 1.0
Operating Systems: Any OS running PHP and MySQL/MariaDB
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of version 1.0. Requires PHP and database backend.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data destruction, and potential remote code execution if database permissions allow.

🟠

Likely Case

Unauthorized access to sensitive apartment management data, tenant information, and potential privilege escalation.

🟢

If Mitigated

Limited impact with proper input validation and database permission restrictions in place.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and public exploits exist.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this, but requires network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit details available on GitHub. SQL injection via ID parameter manipulation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://itsourcecode.com/

Restart Required: No

Instructions:

No official patch available. Implement workarounds or migrate to alternative software.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

all

Modify /unit/addunit.php to validate and sanitize the ID parameter using prepared statements.

Replace vulnerable SQL queries with parameterized queries using PDO or mysqli prepared statements.
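As an added example (not the vendor's code; the page does not show the original source of /unit/addunit.php), here is a handler for the ID parameter written with mysqli prepared statements. The table and column names, the placeholder credentials, and the use of a SELECT rather than an INSERT are assumptions made for illustration.

```php
<?php
// Added illustration, not the vendor's code: a hardened handler for the
// ID parameter of /unit/addunit.php. Table and column names (units, id,
// unit_no) are assumed placeholders; the real schema is not on the page.

// --- Before (the pattern this advisory describes): value concatenated into SQL ---
// $sql = "SELECT * FROM units WHERE id = '" . $_GET['ID'] . "'";
// $result = $conn->query($sql);   // a quote in ?ID= changes the query's logic

// --- After: validate the type first, then bind the value as a parameter ---
function fetchUnitById(mysqli $conn, string $rawId): ?array
{
    // 1. Validate: the ID is an integer key, so reject anything else outright.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;           // never reaches the database
    }

    // 2. Parameterize: the value travels separately from the SQL text,
    //    so quotes or keywords inside it cannot alter the statement.
    $stmt = $conn->prepare('SELECT id, unit_no FROM units WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Report driver errors as exceptions so a failed prepare() is not silently ignored.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
// Placeholder credentials; use a least-privilege application account (see below).
$conn = new mysqli('localhost', 'ams_app', 'change-me', 'apartment_db');

$unit = fetchUnitById($conn, $_GET['ID'] ?? '');
if ($unit === null) {
    http_response_code(400);   // reject malformed IDs without leaking SQL errors
    exit('Invalid unit ID');
}
header('Content-Type: application/json');
echo json_encode($unit);
```

Apply the same validate-then-bind pattern to every other query in the file that takes request input, not only the one using ID.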

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns targeting the /unit/addunit.php endpoint.

Configure the WAF to block common SQL injection patterns such as ' OR ', ' UNION ', ' SELECT ', ' INSERT ', ' UPDATE ', ' DELETE '. Treat this as a stop-gap only: keyword blocklists are routinely bypassed and can reject legitimate input, so the parameterized-query change above is the actual remedy.

🧯 If You Can't Patch

  • Restrict network access to the application using firewall rules to only trusted IP addresses.
  • Run the application under a dedicated database user with minimal permissions (read-only if possible).

🔍 How to Verify

Check if Vulnerable:

Test /unit/addunit.php with SQL injection payloads like: ?ID=1' OR '1'='1

Check Version:

Check application version in admin panel or readme files.

Verify Fix Applied:

Test with the same payloads after implementing parameterized queries; the request should return an error or no data, never altered results.

📡 Detection & Monitoring

Log Indicators:

  • Multiple requests to /unit/addunit.php with SQL keywords in parameters
  • Database error logs showing SQL syntax errors

Network Indicators:

  • HTTP requests containing SQL injection patterns to /unit/addunit.php

SIEM Query:

source="web_logs" AND uri="/unit/addunit.php" AND (param="ID" AND value MATCHES "'.*OR.*|.*UNION.*|.*SELECT.*")
