Cyber Resilience

CVE-2025-22976

High

Published: 15 January 2025

Modified: 15 April 2026
KEV Added:
Patch:
CVSS Score v3.1: 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0008 (24.3th percentile)
Risk Priority: 14 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-22976 is a high-severity SQL Injection (CWE-89) vulnerability. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 24.3th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-22976 is a SQL injection vulnerability (CWE-89) in dingfanzuCMS version 1.0, specifically affecting the shopId parameter in the checkOrder.php module due to inadequate input filtering. This flaw enables a local attacker with low privileges to inject malicious SQL payloads, potentially leading to arbitrary code execution. The vulnerability received a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N), indicating high confidentiality and integrity impacts without affecting availability.

A local attacker who has obtained low-privilege access to the system can exploit this vulnerability by crafting and submitting a malicious shopId value to the checkOrder.php endpoint. Successful exploitation allows the attacker to execute arbitrary SQL queries, which could result in data exfiltration, modification of database contents, or escalation to arbitrary code execution on the underlying server.

For mitigation details, refer to the advisory at https://github.com/xiaosguang/cve/blob/main/dingfanzu/dingfanzu-CMS%20checkOrder.php%20shopId%20SQL-inject.md, published alongside the CVE on 2025-01-15.

Vulnerability details

SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a local attacker to execute arbitrary code via not filtering the content correctly at the "checkOrder.php" shopId module.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The SQL injection vulnerability allows a local low-privileged attacker to inject payloads leading to arbitrary code execution and high integrity impact, directly enabling exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-47954 (shared CWE-89)
CVE-2025-48650 (shared CWE-89)
CVE-2025-49759 (shared CWE-89)
CVE-2025-66678 (shared CWE-89)
CVE-2025-59499 (shared CWE-89)
CVE-2026-26116 (shared CWE-89)
CVE-2025-53727 (shared CWE-89)
CVE-2026-33288 (shared CWE-89)
CVE-2024-35275 (shared CWE-89)
CVE-2025-61943 (shared CWE-89)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

prevent: Directly requires validating the shopId input parameter for correctness and malicious content to prevent SQL injection exploitation.

prevent: Mandates timely identification, reporting, and correction of the SQL injection flaw in checkOrder.php to eliminate the vulnerability.

prevent: Enforces restrictions on shopId inputs such as type, length, and format to block malformed SQL payloads before processing.
