CVE-2025-0486
Published: 15 January 2025
Summary
CVE-2025-0486 is a high-severity Injection (CWE-74) vulnerability in Fanli2012 Native-Php-Cms. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 25.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-10 requires validating the username input in /fladmin/login.php to prevent SQL injection manipulation.
SI-2 mandates timely remediation of the specific SQL injection flaw in Fanli2012 native-php-cms 1.0.
RA-5 uses vulnerability scanning to identify and remediate SQL injection vulnerabilities like CVE-2025-0486 in the login functionality.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection vulnerability in unauthenticated public-facing /fladmin/login.php enables exploitation of public-facing web applications (T1190), abuse of server software components (T1505 as per advisory), and collection of data from databases (T1213.006) via unauthorized queries.
NVD Description
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /fladmin/login.php. The manipulation of the argument username leads to sql injection. The attack can be…
more
launched remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-0486 is a critical SQL injection vulnerability (CWE-74, CWE-89) in Fanli2012 native-php-cms version 1.0. The issue resides in an unknown functionality of the file /fladmin/login.php, where manipulation of the username argument triggers the injection. Published on 2025-01-15, it carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
The vulnerability enables remote exploitation without user interaction or privileges. Attackers can launch SQL injection attacks over the network with low complexity, potentially compromising low levels of confidentiality, integrity, and availability. An exploit has been publicly disclosed and may be actively used.
Advisories are available via GitHub issues at https://github.com/Fanli2012/native-php-cms/issues/8 and https://github.com/Fanli2012/native-php-cms/issues/8#issue-2769942639, as well as VulDB entries including https://vuldb.com/?ctiid.291931, https://vuldb.com/?id.291931, and https://vuldb.com/?submit.475249. No specific patches or mitigations are detailed in the provided references.
Details
- CWE(s)