CVE-2025-9924

7.3 HIGH

📋 TL;DR

CVE-2025-9924 is an SQL injection vulnerability in Travel Management System 1.0's enquiry.php file that allows attackers to manipulate database queries via the t2 parameter. This enables unauthorized data access, modification, or deletion. Organizations using this specific software version are affected.

💻 Affected Systems

Products:
  • projectworlds Travel Management System
Versions: 1.0
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Requires PHP environment with database backend. The vulnerable file /enquiry.php must be accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, data destruction, or full system takeover via SQL injection to RCE chaining.

🟠 Likely Case

Unauthorized access to sensitive travel data, customer information, or administrative credentials stored in the database.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and database permission restrictions in place.

🌐 Internet-Facing: HIGH - Remote exploitation is possible and public exploit exists.
🏢 Internal Only: MEDIUM - Internal attackers could exploit if system is network-accessible.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

An exploit was disclosed on GitHub with a specific payload targeting the t2 parameter. SQL injection is a well-understood attack vector.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Implement workarounds or migrate to alternative software.

🔧 Temporary Workarounds

Input Validation Filter

all

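Add input validation to sanitize the t2 parameter before it is processed.

Modify enquiry.php to add: $t2 = mysqli_real_escape_string($conn, $_POST['t2']); Escaping only protects a value that is then placed inside a quoted string literal in the query, so treat this as a stopgap and prefer the parameterized query below.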

Parameterized Query Implementation

all

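Replace direct SQL concatenation with prepared statements, so the t2 value is sent to the database as data and never parsed as SQL.

Replace the vulnerable query with: $stmt = $conn->prepare('SELECT * FROM table WHERE column = ?'); $stmt->bind_param('s', $t2); $stmt->execute(); (here table and column are placeholders for the names used in the existing query).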

🧯 If You Can't Patch

  • Block external access to /enquiry.php via a web application firewall or network ACLs
  • Run the application under a database user with minimal permissions (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test the /enquiry.php endpoint with SQL injection payloads in the t2 parameter and observe database errors or unexpected responses.

Check Version:

Check software version in admin panel or readme files; system identifies as Travel Management System 1.0.

Verify Fix Applied:

Attempt SQL injection after implementing fixes; successful fixes should return error messages or no database interaction.

📡 Detection & Monitoring

Log Indicators:

  • SQL syntax errors in web server logs
  • Unusual database query patterns from web application
  • Multiple failed parameter manipulation attempts on enquiry.php

Network Indicators:

  • POST requests to /enquiry.php with SQL keywords in parameters
  • Unusual database port traffic following web requests

SIEM Query:

source="web_logs" AND uri="/enquiry.php" AND param="t2" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "' OR '")
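
The same detection logic as a standalone script, given here as an added example that is not from the original page or the vendor. It assumes a tab-separated log of client, method, URI and form body (a constructed format; standard access logs do not record POST bodies), and every log line and the `name` parameter are constructed.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# The three patterns from the SIEM query above. Word boundaries are an added
# refinement so that a benign word such as "selection" does not alert.
SQLI_PATTERNS = [re.compile(p, re.IGNORECASE)
                 for p in (r"\bUNION\b", r"\bSELECT\b", r"'\s*OR\s*'")]

def t2_values(method, uri, body):
    """Decoded t2 values of a request to /enquiry.php (query string and form body)."""
    parts = urlsplit(uri)
    if parts.path != "/enquiry.php":
        return []
    values = parse_qs(parts.query, keep_blank_values=True).get("t2", [])
    if method.upper() == "POST":
        values += parse_qs(body, keep_blank_values=True).get("t2", [])
    # Decode a second time so double-encoded input (%2527 -> %27 -> ') is seen.
    return [unquote(v) for v in values]

def scan(log_lines):
    """Return (client, t2 value) for each request whose t2 value matches a pattern."""
    hits = []
    for line in log_lines:
        fields = line.rstrip("\n").split("\t")
        if len(fields) != 4:
            continue  # not in the assumed format; skip rather than guess
        client, method, uri, body = fields
        for value in t2_values(method, uri, body):
            if any(p.search(value) for p in SQLI_PATTERNS):
                hits.append((client, value))
    return hits

# Constructed sample log lines: client, method, URI, form body (tab-separated).
SAMPLE_LOG = [
    "203.0.113.5\tPOST\t/enquiry.php\tname=Ann&t2=a%27+OR+%271",
    "203.0.113.5\tPOST\t/enquiry.php\tname=Ann&t2=1+UNION+SELECT+1",
    "203.0.113.9\tPOST\t/enquiry.php\tname=Ann&t2=x%2527%2520or%2520%2527y",
    "198.51.100.7\tPOST\t/enquiry.php\tname=select+tours&t2=Summer+selection",
    "198.51.100.7\tPOST\t/contact.php\tt2=UNION+SELECT",
]

if __name__ == "__main__":
    for client, value in scan(SAMPLE_LOG):
        print(f"ALERT {client} t2={value!r}")
```

The last two sample lines stay quiet: one carries a keyword only in another parameter, the other targets a different path, which is the scoping the grouped SIEM condition expresses.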
