CVE-2025-0948
Published: 01 February 2025
Summary
CVE-2025-0948 is a medium-severity Injection (CWE-74) vulnerability in Angeljudesuarez Tailoring Management System. Its CVSS base score is 6.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 18.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents SQL injection by validating and sanitizing the untrusted 'incid' input parameter in incview.php.
Requires timely identification, prioritization, and remediation of the SQL injection flaw in the Tailoring Management System.
Restricts the 'incid' parameter to organization-defined allowable values, types, and lengths to block malicious SQL payloads.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in public-facing web application (incview.php and others) enables exploitation of public-facing application (T1190) and arbitrary database queries for data collection (T1213.006).
NVD Description
A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. This affects an unknown part of the file incview.php. The manipulation of the argument incid leads to sql injection. It is possible to initiate the…
more
attack remotely. The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-0948 is a critical SQL injection vulnerability in itsourcecode Tailoring Management System 1.0, affecting an unknown functionality within the incview.php file. The issue arises from improper handling of the 'incid' argument, enabling manipulation that leads to SQL injection (CWE-74, CWE-89). Published on 2025-02-01, it carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
The vulnerability can be exploited remotely by an attacker with low privileges (PR:L), requiring no user interaction and low complexity. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, potentially enabling unauthorized data access, modification, or disruption via injected SQL payloads. An exploit has been publicly disclosed and may be actively used.
Advisories and references, including those on GitHub (https://github.com/magic2353112890/cve/issues/7), VulDB (https://vuldb.com/?ctiid.294303 and https://vuldb.com/?id.294303), and the vendor site (https://itsourcecode.com/), provide further details but do not specify patches or mitigations in the available information.
Details
- CWE(s)