CVE-2025-0947
Published: 01 February 2025
Summary
CVE-2025-0947 is a medium-severity Injection (CWE-74) vulnerability in Angeljudesuarez Tailoring Management System. Its CVSS base score is 6.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 17.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents SQL injection by validating and sanitizing user inputs like the 'expid' parameter before incorporation into SQL queries.
Mandates identification, reporting, and correction of the specific SQL injection flaw in expview.php.
Vulnerability scanning identifies SQL injection issues like CVE-2025-0947 in the Tailoring Management System for remediation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The SQL injection vulnerability in the public-facing web application (expview.php and others) enables exploitation of public-facing applications (T1190) and facilitates collection of data from databases via unauthorized queries (T1213.006).
NVD Description
A vulnerability, which was classified as critical, has been found in itsourcecode Tailoring Management System 1.0. Affected by this issue is some unknown functionality of the file expview.php. The manipulation of the argument expid leads to sql injection. The attack…
more
may be launched remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-0947 is a critical SQL injection vulnerability in itsourcecode Tailoring Management System 1.0, published on 2025-02-01. The issue affects unknown functionality in the file expview.php, where manipulation of the 'expid' argument enables the injection. It is associated with CWE-74 (Improper Neutralization of Special Elements used in an SQL Command) and CWE-89 (SQL Injection), with a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
The vulnerability allows remote exploitation by attackers possessing low privileges, with low attack complexity and no requirement for user interaction. Successful attacks can result in limited impacts: partial disclosure of sensitive information (low confidentiality), limited modification of data or system settings (low integrity), and limited denial of service (low availability).
Advisories and references, including VulDB entries at https://vuldb.com/?ctiid.294302 and https://vuldb.com/?id.294302, a GitHub issue at https://github.com/magic2353112890/cve/issues/7, and the vendor site at https://itsourcecode.com/, provide further details but do not specify patches or mitigations in the available information.
The exploit has been disclosed publicly and may be used by attackers.
Details
- CWE(s)