Cyber Resilience

CVE-2023-27113

Severity: Critical · Public PoC: referenced

Published: 21 January 2025
Modified: 30 May 2025
KEV Added: not listed
Patch: no reference listed
CVSS v3.1 Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0022 (44.5th percentile)
Risk Priority: 20 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-27113 is a critical-severity SQL injection (CWE-89) vulnerability in pearProjectApi (vendor a54552239) version 2.8.10. Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 44.5th percentile of exploit likelihood (below the median; the score of 0.0022 is an estimated 0.22% probability of exploitation activity in the next 30 days). It is not currently listed in the CISA KEV catalog, although a public proof-of-concept is referenced, so the low EPSS score should not be read as "no working exploit exists".

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2023-27113 is a SQL injection vulnerability (CWE-89) in pearProjectApi version 2.8.10. The organizationCode parameter handled by the project.php component is placed into a database query without proper neutralization, so attacker-supplied SQL in that parameter is executed by the backend database. The entry was published on 2025-01-21 and carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H): critical because the flaw is reachable over the network by an unauthenticated attacker with no user interaction, and its worst-case impact on confidentiality, integrity and availability is rated high.

Remote attackers need no privileges and no user interaction to exploit this vulnerability over the network, and the attack complexity is low. Successful exploitation allows arbitrary SQL to run in the application's database session, which can expose confidential data, modify database contents, and disrupt availability. The CVSS vector describes the worst case; what an attacker actually obtains depends on the privileges of the database account the application connects with, whether the database engine and driver allow stacked queries or file access, and whether results must be extracted blind (boolean- or time-based) rather than returned in the response.
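To make the failure mode concrete, the following is an added example (not code from pearProjectApi or from the GitHub issue) that reproduces the same class of bug against an in-memory SQLite database: an organizationCode value concatenated into a query, a tautology payload and a UNION payload that exploit it, the bound-parameter lookup that neutralizes both, and an input-validated wrapper that rejects malformed codes before they reach the database (the SI-10 control named below). The table name `project`, its columns, the sample rows and the `ORG_CODE_RE` format are assumptions made for this example; the real schema and code format are not described on this page.

```python
"""
Constructed example of CWE-89 via an untrusted organizationCode lookup.
Schema, rows and the allowed code format are assumptions for this demo;
this is not pearProjectApi's own code.
"""
import re
import sqlite3
from typing import List, Tuple

# Constructed sample data (hypothetical schema).
SAMPLE_ROWS = [
    ("ORG-ALPHA", "Alpha roadmap", "confidential"),
    ("ORG-BETA", "Beta launch", "internal"),
    ("ORG-GAMMA", "Gamma audit", "restricted"),
]


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE project (organization_code TEXT, name TEXT, classification TEXT)"
    )
    conn.executemany("INSERT INTO project VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def list_projects_vulnerable(conn, organization_code: str) -> List[Tuple[str, str]]:
    """Untrusted input spliced into the statement: the injectable pattern."""
    sql = (
        "SELECT organization_code, name FROM project "
        f"WHERE organization_code = '{organization_code}'"
    )
    return conn.execute(sql).fetchall()


def list_projects_bound(conn, organization_code: str) -> List[Tuple[str, str]]:
    """Same lookup with the value bound as a parameter; it can never be parsed as SQL."""
    sql = "SELECT organization_code, name FROM project WHERE organization_code = ?"
    return conn.execute(sql, (organization_code,)).fetchall()


# Assumed allow-list for organization codes (SI-10 input validation).
ORG_CODE_RE = re.compile(r"[A-Z0-9-]{1,32}")


class InvalidOrganizationCode(ValueError):
    pass


def list_projects_hardened(conn, organization_code) -> List[Tuple[str, str]]:
    """Validate the shape first, then bind; rejects junk before any query runs."""
    if not isinstance(organization_code, str) or not ORG_CODE_RE.fullmatch(organization_code):
        raise InvalidOrganizationCode("organizationCode has an unexpected format")
    return list_projects_bound(conn, organization_code)


def hardened_rejects(conn, organization_code) -> bool:
    """True if the hardened lookup refuses the value (convenience for checks)."""
    try:
        list_projects_hardened(conn, organization_code)
    except InvalidOrganizationCode:
        return True
    return False


# Constructed payloads of the kind an unauthenticated caller could send.
TAUTOLOGY = "' OR '1'='1"
UNION_LEAK = "' UNION SELECT classification, name FROM project --"

if __name__ == "__main__":
    db = build_db()
    print("vulnerable, tautology:", list_projects_vulnerable(db, TAUTOLOGY))
    print("vulnerable, union:    ", list_projects_vulnerable(db, UNION_LEAK))
    print("bound, tautology:     ", list_projects_bound(db, TAUTOLOGY))
    print("hardened rejects:     ", hardened_rejects(db, TAUTOLOGY))
```

The bound query alone is what removes the injection; the format check is defence in depth that also gives you a clean point to log and alert on abusive input. Do not rely on the allow-list by itself, since a value that passes it is still only safe because it is bound.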

The GitHub issue at https://github.com/a54552239/pearProjectApi/issues/31 is the primary advisory reference for this CVE and documents the finding. No patched version is listed on this page, so confirm that a fix exists in the repository before treating an upgrade as remediation; in the meantime, limit network exposure of project.php and ensure the organizationCode parameter is validated and passed to the database as a bound parameter rather than concatenated into the query.


Vulnerability details

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the organizationCode parameter at project.php.

CWE(s): CWE-89 (Improper Neutralization of Special Elements used in an SQL Command, 'SQL Injection')

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct remote unauthenticated SQL injection in a public-facing web API component enables initial access via exploitation of the exposed application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1
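Because the attack surface is a single GET parameter on a public-facing script, attempts are visible in ordinary web-server access logs. The following is an added example (not tooling from the project or from this page's source) that parses constructed combined-format log lines, decodes the organizationCode parameter sent to project.php (including double-encoded values, which single-pass decoding would miss), skips values that match an assumed allow-list, and labels the rest with the injection indicators they contain. The log lines, the allow-list format, the indicator patterns and the SLEEP/UNION payloads are all constructed for this example.

```python
"""
Constructed example: flag SQL-injection attempts against the
organizationCode parameter of project.php in access logs.
Log lines, allow-list and indicator patterns are this example's own.
"""
import re
from typing import List, NamedTuple
from urllib.parse import parse_qs, unquote, urlsplit

# Combined/common log format: client, identd, user, [timestamp], "METHOD target proto"
LOG_LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)

# Values matching this assumed code format are treated as normal and skipped.
ALLOWED_CODE_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")

# Indicator checks, in reporting order; every matching label is reported.
SQLI_INDICATORS = [
    ("quote", re.compile(r"['\"]")),
    ("comment", re.compile(r"--|/\*|#")),
    ("tautology", re.compile(r"\b(or|and)\b\s*['\"]?\w+['\"]?\s*=", re.I)),
    ("union", re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I)),
    ("time-based", re.compile(r"\b(sleep|benchmark|pg_sleep|waitfor)\b", re.I)),
]


class Finding(NamedTuple):
    ip: str
    timestamp: str
    value: str
    reasons: List[str]


def fully_decode(value: str) -> str:
    """Undo repeated percent-encoding so double-encoded payloads are seen as sent."""
    while True:
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded


def organization_codes(target: str) -> List[str]:
    """Every organizationCode value carried in the request target, fully decoded."""
    query = urlsplit(target).query
    return [fully_decode(v) for v in parse_qs(query).get("organizationCode", [])]


def scan_log(text: str) -> List[Finding]:
    findings: List[Finding] = []
    for line in text.splitlines():
        m = LOG_LINE_RE.match(line)
        if not m or not m.group("target").startswith("/project.php"):
            continue
        for value in organization_codes(m.group("target")):
            if ALLOWED_CODE_RE.fullmatch(value):
                continue
            reasons = [label for label, rx in SQLI_INDICATORS if rx.search(value)]
            if reasons:
                findings.append(Finding(m.group("ip"), m.group("ts"), value, reasons))
    return findings


# Constructed log lines: one benign lookup, four attempts (the last double-encoded),
# and an unrelated request.
SAMPLE_LOG = """\
203.0.113.7 - - [21/Jan/2025:10:00:01 +0000] "GET /project.php?organizationCode=ORG-ALPHA HTTP/1.1" 200 512
203.0.113.7 - - [21/Jan/2025:10:00:02 +0000] "GET /project.php?organizationCode=ORG-ALPHA%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 4096
198.51.100.23 - - [21/Jan/2025:10:00:03 +0000] "GET /project.php?organizationCode=x%27%20UNION%20SELECT%201%2C2%2C3--%20 HTTP/1.1" 200 2048
198.51.100.23 - - [21/Jan/2025:10:00:04 +0000] "GET /project.php?organizationCode=ORG-BETA%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 512
192.0.2.9 - - [21/Jan/2025:10:00:05 +0000] "GET /project.php?organizationCode=%2527%2520OR%25201%253D1 HTTP/1.1" 200 4096
192.0.2.9 - - [21/Jan/2025:10:00:06 +0000] "GET /index.php HTTP/1.1" 200 128
"""

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f.timestamp} {f.ip} organizationCode={f.value!r} -> {', '.join(f.reasons)}")
```

Treat the indicator list as a triage aid, not a verdict: a response size that jumps on a tautology payload (as in the constructed second line) or a latency spike on a SLEEP payload is the corroborating signal, and POST bodies or other parameters on the same script would need the same treatment.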

CVEs Like This One

CVE-2023-27112 (same product: A54552239 Pearprojectapi)
CVE-2026-3057 (same product: A54552239 Pearprojectapi)
CVE-2026-39334 (shared CWE-89)
CVE-2024-13488 (shared CWE-89)
CVE-2026-22850 (shared CWE-89)
CVE-2024-12404 (shared CWE-89)
CVE-2024-13474 (shared CWE-89)
CVE-2026-20002 (shared CWE-89)
CVE-2025-1446 (shared CWE-89)
CVE-2025-22699 (shared CWE-89)

Affected Assets

Vendor: a54552239
Product: pearprojectapi
Version: 2.8.10

Mitigating Controls

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

SI-10 Information Input Validation (prevent)

Directly prevents SQL injection by requiring that untrusted inputs such as the organizationCode parameter are validated, and passed to the database as bound parameters rather than concatenated into query text, before any query runs.

SI-2 Flaw Remediation (prevent)

Mandates timely remediation of identified flaws, such as applying a fix for the SQL injection in pearProjectApi v2.8.10 once one is available; since no patch is listed on this page, track the upstream repository for a corrected release.

RA-5 Vulnerability Monitoring and Scanning (detect)

Vulnerability scanning identifies SQL injection issues such as CVE-2023-27113 in deployed applications so they can be remediated proactively; complement it with monitoring of requests to project.php for injection patterns in the organizationCode parameter.

References

https://github.com/a54552239/pearProjectApi/issues/31