CVE-2025-1173
Published: 11 February 2025
Summary
CVE-2025-1173 is a medium-severity Injection (CWE-74) vulnerability in 1000Projects Bookstore Management System. Its CVSS base score is 4.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Databases (T1213.006). The CVE ranks at the 22.7th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) (AI)
- SI-10 (Information Input Validation): directly prevents SQL injection by requiring validation and sanitization of the 'id' parameter in process_users_del.php.
- SI-2 (Flaw Remediation): addresses the specific SQL injection flaw through identification, reporting, and correction in the Bookstore Management System.
- Vulnerability scanning detects the SQL injection vulnerability in process_users_del.php for subsequent remediation.
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
SQL injection in process_users_del.php enables arbitrary SQL query execution, which facilitates data collection from databases (T1213.006) and abuse of server software components (T1505, as cited in advisories).
NVD Description
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file process_users_del.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely.
Deeper analysis (AI)
CVE-2025-1173 is a critical SQL injection vulnerability in the 1000 Projects Bookstore Management System version 1.0. The issue resides in an unspecified component of the file process_users_del.php, where manipulation of the "id" argument enables SQL injection. Associated with CWE-74 (improper neutralization of special elements) and CWE-89 (SQL injection), it carries a CVSS v3.1 base score of 4.7 (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L), indicating medium severity despite the critical classification.
Exploitation requires network access with low complexity and high privileges (PR:H), such as an authenticated administrative user, and no user interaction. A remote attacker could inject malicious SQL via the "id" parameter during user deletion processes, potentially resulting in limited impacts: low confidentiality (e.g., partial data exposure), low integrity (e.g., minor unauthorized modifications), and low availability (e.g., minor denial of service).
Advisories are documented on VulDB (ctiid.295077, id.295077, submit.495309), a GitHub issue at NeoVuln/CVE #2, and the project site at 1000projects.org. No specific patch or mitigation details are outlined in the provided references; practitioners should review these sources for updates, such as input sanitization or parameterized queries in process_users_del.php.
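The input-validation (SI-10) and parameterized-query remediation referred to above, as an added PHP illustration that is not code from the 1000 Projects application or from any of the cited advisories. The real process_users_del.php is not shown in the references, so the table and column names (`users`.`id`), the mysqli connection details and the unsafe concatenation pattern are all assumptions used only to show the class of defect and its fix.

```php
<?php
// Added illustration (not 1000Projects code): validating and parameterizing
// the "id" parameter of a user-deletion endpoint such as process_users_del.php.
// Assumptions: a mysqli connection, a `users` table with an integer `id` column.
declare(strict_types=1);

// The defect class the advisory describes (CWE-89): the request value is
// concatenated straight into the statement, so its SQL syntax is attacker-chosen.
// Shown only as the "before"; assumed pattern, not the project's actual code.
function delete_user_unsafe(mysqli $db, string $id): bool
{
    return $db->query("DELETE FROM users WHERE id = " . $id) !== false;
}

// Step 1 (SI-10, input validation): accept only a positive integer.
// FILTER_VALIDATE_INT rejects "1 OR 1=1", "1; DROP TABLE users", "", null, etc.
function parse_user_id(mixed $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Step 2 (SI-2, flaw remediation): a prepared statement. The value is bound as
// an integer parameter and is never interpreted as part of the SQL text.
function delete_user_safe(mysqli $db, int $id): int
{
    $stmt = $db->prepare('DELETE FROM users WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $affected = $stmt->affected_rows;
    $stmt->close();
    return $affected;
}

// Request handling. Authorization (the endpoint is admin-only, hence PR:H in
// the CVSS vector) is assumed to have been enforced before this point.
$id = parse_user_id($_POST['id'] ?? $_GET['id'] ?? null);
if ($id === null) {
    http_response_code(400);
    exit("invalid id\n");
}

// Placeholder credentials; a real deployment reads these from configuration.
$db = new mysqli('localhost', 'bookstore_user', 'placeholder-password', 'bookstore');
$db->set_charset('utf8mb4');

$deleted = delete_user_safe($db, $id);
header('Content-Type: text/plain');
echo $deleted === 1 ? "deleted\n" : "no such user\n";
```

The two steps are independent defenses: the prepared statement alone already removes the injection, and the integer validation alone would also block it for this parameter, but keeping both means a later refactor that drops one still leaves the other in place. Only `delete_user_safe` should be reachable from the request handler; `delete_user_unsafe` is present purely to show the pattern that the fix replaces.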
Details
- CWE(s)