CVE-2025-1116
Published: 08 February 2025
Summary
CVE-2025-1116 is a medium-severity Injection (CWE-74) vulnerability. Its CVSS base score is 6.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 17.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-1116 is a critical SQL injection vulnerability in Dreamvention Live AJAX Search Free versions up to 1.0.6 running on OpenCart. The issue affects the searchresults/search function in the file accessible via the route /?route=extension/live_search/module/live_search.searchresults, where the keyword argument can be manipulated to inject malicious SQL payloads. Classified under CWE-74 and CWE-89, it carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and was published on 2025-02-08.
The vulnerability can be exploited remotely by unauthenticated attackers with low complexity, requiring no privileges or user interaction. By sending crafted requests with a malicious keyword parameter, attackers can execute arbitrary SQL queries, potentially leading to limited impacts on confidentiality, integrity, and availability, such as data exfiltration, modification, or denial of service on the underlying database.
VulDB advisories detail the vulnerability and reference a public exploit disclosure in a GitHub Gist at https://gist.github.com/mcdruid/d6a41cfebd9e10e63a8c698d3a8ad771, confirming the issue's remote exploitability. No specific patches or mitigations are outlined in the provided references, though updating to a fixed version beyond 1.0.6, if available, or disabling the module is implied as standard remediation for such extensions.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-2014
Vulnerability details
A vulnerability, which was classified as critical, has been found in Dreamvention Live AJAX Search Free up to 1.0.6 on OpenCart. Affected by this issue is the function searchresults/search of the file /?route=extension/live_search/module/live_search.searchresults. The manipulation of the argument keyword leads…
more
to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in public-facing OpenCart search module enables remote unauthenticated exploitation of a web application.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly prevents SQL injection by requiring validation of the user-supplied keyword input to the searchresults/search function before database processing.
Addresses the specific SQL injection flaw in Dreamvention Live AJAX Search Free by identifying, patching, or replacing the vulnerable module.
Mitigates exploitation by restricting or disabling the unnecessary Live AJAX Search extension functionality through least functionality policies.