CVE-2025-9757

7.3 HIGH

📋 TL;DR

This SQL injection vulnerability in Campcodes/SourceCodester Courier Management System 1.0 lets an attacker alter the database query behind the login function by sending crafted input in the email parameter of /ajax.php. A remote, unauthenticated attacker can potentially bypass authentication, read sensitive data, or run arbitrary SQL with the privileges of the application's database account. Every installation of the vulnerable version is affected, because the flaw is in the application code rather than in a configuration option.

💻 Affected Systems

Products:
  • Campcodes/SourceCodester Courier Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is in /ajax.php, in the Login function, where the value of the email parameter reaches a database query without being parameterized or escaped.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full database takeover (bounded only by the privileges of the application's database account), theft of stored credentials, data exfiltration, and use of the compromised host as a pivot into other systems.

🟠

Likely Case

Authentication bypass giving an attacker a logged-in session, leakage of user and courier records, and potential escalation to administrative privileges within the application.

🟢

If Mitigated

Limited impact once the login query is parameterized. WAF rules that block SQL patterns reduce exposure in the meantime, but pattern filters can be evaded and should be treated as a stopgap, not as the fix.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof of concept is available via the GitHub references. SQL injection in a login form requires minimal skill to exploit, and off-the-shelf tools such as sqlmap can automate both the bypass and data extraction.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch is known. Upgrade to a newer version if one is released; until then, apply the workarounds below, which in practice means fixing the query in /ajax.php yourself.

🔧 Temporary Workarounds

Input Validation and Sanitization

Platforms: all

Rewrite the login query in /ajax.php as a parameterized query (prepared statement) so that the email value is bound as data rather than spliced into the SQL string. This is the actual fix rather than a stopgap.

Modify the PHP code to use PDO or mysqli prepared statements for the email parameter (and for every other user-supplied value in the same query).
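The following is an added example, not code from the Courier Management System or from the advisory. It shows, for both the "Likely Case" (authentication bypass) above and the prepared-statement workaround just described, why a login query that splices the email parameter into the SQL text can be bypassed and why binding the value as a parameter closes the hole. It runs against an in-memory SQLite table with constructed rows; the table and column names (users, email, password) are assumptions that only mirror the email-based login the advisory describes, and the real application's schema and query are unknown.

```python
"""Concatenated vs. parameterized login query, demonstrated on SQLite.

Added example; not the project's code. Table/column names are assumptions.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: a single account. The real schema is unknown."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)"
    )
    conn.execute(
        "INSERT INTO users (email, password) VALUES ('admin@example.com', 'hunter2')"
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, email: str, password: str) -> bool:
    """The pattern the CVE describes: user input becomes part of the SQL text."""
    sql = f"SELECT id FROM users WHERE email = '{email}' AND password = '{password}'"
    return conn.execute(sql).fetchone() is not None


def login_fixed(conn: sqlite3.Connection, email: str, password: str) -> bool:
    """Parameterized query: the driver binds both values as data, never as SQL."""
    sql = "SELECT id FROM users WHERE email = ? AND password = ?"
    return conn.execute(sql, (email, password)).fetchone() is not None


# Payloads placed in the email field. A bare ' OR '1'='1 does not bypass a query
# of the shape "email = ... AND password = ..." because AND binds tighter than
# OR; a line comment (-- followed by a space, which MySQL also requires) removes
# the password check entirely.
PAYLOADS = {
    "tautology + comment": "' OR 1=1 -- ",
    "target admin + comment": "admin@example.com' -- ",
    "bare tautology": "' OR '1'='1",
}


def compare(conn: sqlite3.Connection) -> dict:
    """Return {payload name: (concatenated-query result, parameterized result)}
    for a login attempt with a wrong password."""
    return {
        name: (login_vulnerable(conn, email, "wrong"), login_fixed(conn, email, "wrong"))
        for name, email in PAYLOADS.items()
    }


if __name__ == "__main__":
    db = make_db()
    for name, (vuln, fixed) in compare(db).items():
        print(f"{name:24s} concatenated={vuln!s:5s} parameterized={fixed}")
```

The PHP equivalent of `login_fixed` is `$stmt = $pdo->prepare('SELECT id FROM users WHERE email = ? AND password = ?'); $stmt->execute([$email, $password]);` with PDO, or `$stmt = $conn->prepare(...); $stmt->bind_param('ss', $email, $password); $stmt->execute();` with mysqli. The plaintext password comparison is only to keep the demonstration short; a real login should fetch the stored hash by email and check it with `password_verify()`.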

Web Application Firewall Rules

Platforms: all

Deploy WAF rules that block SQL injection patterns in requests to the /ajax.php endpoint.

Add a WAF rule for /ajax.php that blocks quote characters, SQL comment sequences (-- , /*, #) and quoted boolean operators in the email parameter. Matching bare keywords such as OR or SELECT is unreliable: they occur inside legitimate addresses (for example victor@...) and a payload built from a quote and a comment sequence contains none of them. Treat the rule as a temporary stopgap, not as the fix.

🧯 If You Can't Patch

  • Isolate the system behind a reverse proxy with strict input validation on the email parameter
  • Implement network segmentation so the database is reachable only from the application server
  • Run the application with a database account restricted to its own schema and to the statements it needs, which bounds what an injected query can reach

🔍 How to Verify

Check if Vulnerable:

Send a login request to /ajax.php with a probing value in the email parameter (for example a lone single quote, or ' OR '1'='1) and compare the response with that of a benign, non-existent email. A database error, a changed response, or a successful login shows that the value is being concatenated into the query. Only test systems you are authorised to test.

Check Version:

Check the version in the admin panel or in the readme files shipped with the application; 1.0 is the only version known to be affected.

Verify Fix Applied:

Repeat the same probes after the fix: a parameterized query returns the same "invalid login" response for the payloads as for a benign unknown email, and no SQL errors appear in the logs.
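As an added example (not part of the advisory or the project), the differential check described under "Check if Vulnerable" and "Verify Fix Applied", written so that the same run answers both questions. It assumes the login endpoint is POST /ajax.php?action=login taking form fields `email` and `password` (the action name and the password field are assumptions; `email` is the parameter the CVE names) and that failed logins return a stable response body. Only run it against systems you are authorised to test.

```python
"""Differential probe for the /ajax.php login SQL injection.

Added example; endpoint layout (?action=login, password field) is assumed.
"""
import secrets
import urllib.error
import urllib.parse
import urllib.request


def post_login(base_url: str, email: str, password: str, timeout: int = 10):
    """Send one login attempt; returns (HTTP status, response body)."""
    body = urllib.parse.urlencode({"email": email, "password": password}).encode()
    req = urllib.request.Request(
        base_url.rstrip("/") + "/ajax.php?action=login", data=body, method="POST"
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode(errors="replace")
    except urllib.error.HTTPError as err:  # a 500 from a broken query is a signal too
        return err.code, err.read().decode(errors="replace")


def probe(send) -> dict:
    """`send(email, password) -> (status, body)`. Compares four requests:
    a benign unknown email, the same with a stray quote (breaks a concatenated
    query), the same with quote + comment (repairs it), and a tautology."""
    marker = secrets.token_hex(6)
    benign = f"nobody-{marker}@example.invalid"
    pw = "wrong-" + marker
    baseline = send(benign, pw)
    with_quote = send(benign + "'", pw)
    with_comment = send(benign + "' -- ", pw)
    tautology = send("' OR 1=1 -- ", pw)
    # A stray quote changes the response while quote + comment restores the
    # baseline: the input is reaching the SQL parser.
    syntax_signal = with_quote != baseline and with_comment == baseline
    # The tautology yields a response that is neither the failure nor the error
    # response: most likely a successful login.
    bypass_signal = tautology != baseline and tautology != with_quote
    return {
        "syntax_error_signal": syntax_signal,
        "bypass_signal": bypass_signal,
        "vulnerable": syntax_signal or bypass_signal,
    }


if __name__ == "__main__":
    import sys

    target = sys.argv[1]  # e.g. http://127.0.0.1/courier (hypothetical)
    print(probe(lambda e, p: post_login(target, e, p)))
```

Run it once before the change and once after: a fixed endpoint returns the same failure response for all four requests, so both signals are false. If the application embeds per-request values (timestamps, CSRF tokens) in the body, strip them or compare on status code and a known "invalid login" marker instead of the raw body, or every comparison will differ and the probe will report false positives.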

📡 Detection & Monitoring

Log Indicators:

  • SQL syntax errors in the application or web-server error log, which a concatenated query produces as soon as a stray quote arrives
  • Multiple failed login attempts from one source whose email values contain quotes, comment sequences or SQL keywords
  • Login queries in the database general or slow log that contain tautologies (OR 1=1), comment sequences (-- ) or UNION SELECT

Network Indicators:

  • HTTP POST requests to /ajax.php whose email parameter contains quote characters, SQL comment sequences or SQL keywords
  • Unusual database connection or query-volume patterns from the web server, for example bursts of failing queries during a login brute-force

SIEM Query:

source="web_logs" AND uri="/ajax.php" AND (email="*OR*" OR email="*UNION*" OR email="*SELECT*")

This keyword match is a starting point only: "*OR*" also matches legitimate addresses such as victor@example.com, and a payload that consists of a quote and a comment sequence (admin@example.com' -- ) contains none of the three keywords. Tune the query to look for quote characters, comment sequences (-- , /*) and quoted boolean operators in the email field, and group hits by source address.
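As an added example (not from the advisory or the project), the SIEM logic above run over constructed log records, next to a tighter pattern that is also what the WAF rule on /ajax.php from the Temporary Workarounds section should match. The records are JSON-per-line with the posted email field captured; the field names (ip, method, uri, email, status) and the ?action=login query string are assumptions about your log pipeline and the application's routing.

```python
"""Detection of SQL injection attempts in the email parameter of /ajax.php.

Added example; log field names and the ?action=login routing are assumptions.
"""
from __future__ import annotations

import json
import re
from collections import Counter

# Constructed sample log. Line 1 is a legitimate user whose name happens to
# contain "or"; lines 2-4 are injection attempts; line 5 is unrelated traffic.
SAMPLE_LOG = """\
{"ip":"203.0.113.5","method":"POST","uri":"/ajax.php?action=login","email":"victor@example.com","status":200}
{"ip":"203.0.113.5","method":"POST","uri":"/ajax.php?action=login","email":"' OR 1=1 -- ","status":200}
{"ip":"198.51.100.7","method":"POST","uri":"/ajax.php?action=login","email":"admin@example.com' -- ","status":200}
{"ip":"198.51.100.7","method":"POST","uri":"/ajax.php?action=login","email":"a' UNION SELECT 1,2,3 -- ","status":500}
{"ip":"192.0.2.9","method":"GET","uri":"/index.php","email":"","status":200}
"""

# The advisory's SIEM query: bare substring matches on OR / UNION / SELECT.
NAIVE = re.compile(r"OR|UNION|SELECT", re.I)

# Tighter: match the syntax an injection needs rather than English-looking keywords.
TIGHT = re.compile(
    r"""
    ['"]\s*(or|and)\b            # a quote that closes the string, then a boolean operator
  | \bunion\s+(all\s+)?select\b  # UNION-based extraction
  | --[\s-]                      # SQL line comment (MySQL needs a space after --)
  | /\*                          # block comment
  | \b(sleep|benchmark)\s*\(     # time-based probes
  | ;                            # stacked statements
    """,
    re.I | re.X,
)


def scan(log_text: str, pattern: re.Pattern = TIGHT) -> list[tuple[str, str]]:
    """Return (source ip, email value) for every /ajax.php request whose
    email field matches `pattern`."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if not rec.get("uri", "").startswith("/ajax.php"):
            continue
        email = rec.get("email", "")
        if pattern.search(email):
            hits.append((rec["ip"], email))
    return hits


def attempts_per_source(hits) -> dict[str, int]:
    """Counts per IP, for the 'multiple attempts with SQL patterns' indicator."""
    return dict(Counter(ip for ip, _ in hits))


def waf_decision(email: str) -> str:
    """The same pattern applied inline, as a WAF rule on the email parameter would."""
    return "block" if TIGHT.search(email) else "allow"


if __name__ == "__main__":
    for label, pat in (("naive", NAIVE), ("tight", TIGHT)):
        hits = scan(SAMPLE_LOG, pat)
        print(label, hits, attempts_per_source(hits))
```

On the sample log the advisory's keyword query flags victor@example.com (false positive) and misses admin@example.com' -- (false negative); the tighter pattern catches the three attempts and nothing else. Whatever pattern you settle on, keep the per-source counts: a single odd email is noise, several from one address within minutes is an attack.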

🔗 References