CVE-2025-51683
Published: 01 December 2025
Summary
CVE-2025-51683 is a critical-severity blind SQL Injection (CWE-89) vulnerability in mJobtime v15.7.2 (vendor Mjobtime). Its CVSS v3.1 base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 41.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-10 (Information Input Validation): validate every field of the POST request to the /Default.aspx/update_profile_Server endpoint before it reaches a query, and bind values as parameters rather than concatenating them into SQL; input validation alone does not close CWE-89.
SI-2 (Flaw Remediation): remediate the blind SQLi in mJobtime v15.7.2 promptly by applying the vendor fix or correcting the affected code.
AC-3 (Access Enforcement): require authentication and authorization for the vulnerable endpoint so that unauthenticated remote attackers cannot reach it; this reduces exposure but does not remove the injection itself.
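The following is an added example, not code from mJobtime or from the advisory: it shows the mechanism behind a boolean-based blind SQLi and why the SI-10 and "code correction" controls above must mean parameterized queries, not just filtering. The page does not publish the vulnerable query, its parameters or the schema, so the table, columns, field names and the UPDATE statement are assumptions, and the in-memory SQLite database is constructed for the demonstration. The only thing the "attacker" sees is whether a row was updated, which is the kind of one-bit response difference a blind injection needs.

```python
import sqlite3

# Assumed: an update_profile handler that takes a user id and an email from the
# POST body. Neither the schema nor the field names come from the advisory.
ALPHABET = "0123456789abcdef"  # assumed: the secret column holds a hex digest


def make_db():
    """Constructed in-memory stand-in for a profile table (not mJobtime's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "email TEXT, pw_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (id, username, email, pw_hash) VALUES (?, ?, ?, ?)",
        [(1, "alice", "alice@example.com", "9f86d081"),
         (2, "bob", "bob@example.com", "3c9909af")],
    )
    conn.commit()
    return conn


def update_profile_vulnerable(conn, user_id, email):
    """CWE-89: request fields are concatenated straight into the UPDATE."""
    sql = f"UPDATE users SET email = '{email}' WHERE id = {user_id}"
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount  # 1 = "profile updated", 0 = "no change": the oracle


def update_profile_hardened(conn, user_id, email):
    """Hardened: type-check the id (SI-10) and bind both values as parameters."""
    uid = int(user_id)  # raises ValueError for anything that is not an integer id
    if "@" not in email or len(email) > 254:
        raise ValueError("invalid email")
    cur = conn.execute("UPDATE users SET email = ? WHERE id = ?", (email, uid))
    conn.commit()
    return cur.rowcount


def make_oracle(update_fn, conn):
    """Models the attacker's view: did the response indicate a row was updated?"""
    def oracle(user_id_field):
        try:
            return update_fn(conn, user_id_field, "bob@example.com") == 1
        except (ValueError, sqlite3.Error):
            return False  # rejected or errored requests look like "false"
    return oracle


def blind_extract(oracle, victim, length):
    """Boolean-based blind extraction: one true/false question per character.

    The injected condition piggybacks on the WHERE clause of the attacker's
    own update, so the attacker never sees alice's row, only whether the
    update of row 2 succeeded.
    """
    recovered = ""
    for pos in range(1, length + 1):
        for ch in ALPHABET:
            probe = (f"2 AND (SELECT substr(pw_hash,{pos},1) FROM users "
                     f"WHERE username='{victim}') = '{ch}'")
            if oracle(probe):
                recovered += ch
                break
        else:
            break  # no character matched: stop rather than guess further
    return recovered


if __name__ == "__main__":
    weak = make_db()
    print("vulnerable:", blind_extract(make_oracle(update_profile_vulnerable, weak), "alice", 8))
    fixed = make_db()
    print("hardened:  ", repr(blind_extract(make_oracle(update_profile_hardened, fixed), "alice", 8)))
```

Against the concatenating handler the loop recovers alice's stored digest one character at a time without any error message or data ever being returned; against the parameterized handler the same probes are rejected by the integer check, and even without that check the bound string could only ever be compared as a value, never parsed as SQL.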
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The NVD description places an unauthenticated blind SQLi in a public-facing web endpoint (/Default.aspx/update_profile_Server); an attacker reaches it directly from the network and uses it to run arbitrary SQL against the backing database (T1190, T1213.006).
NVD Description
A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/update_profile_Server endpoint.
Deeper analysis
CVE-2025-51683 is a blind SQL injection (SQLi) vulnerability in mJobtime version 15.7.2, a time management product from Mjobtime (mjobtime.com). Published on 2025-12-01, the flaw resides in the /Default.aspx/update_profile_Server endpoint, where an unauthenticated attacker can execute arbitrary SQL statements through a crafted POST request. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-89.
The vector says what matters operationally: network-reachable, low attack complexity, no privileges and no user interaction. Because the injection is blind, the attacker gets no query output back and instead infers data from response differences (a changed page, a status code, or a delay), so extraction is slow and request-heavy but still leads to full read and write access to the database, hence the high confidentiality, integrity and availability impact.
Advisories such as the one from InfoGuard Labs (covering CVE-2025-51682 and CVE-2025-51683) describe the SQLi in this time management software, including paths to potential RCE. This page does not cite a fixed version; until the vendor confirms one, treat every v15.7.2 instance reachable from untrusted networks as exposed, restrict access to the endpoint, and consult those references and mjobtime.com for patch availability or workarounds.
Details
- CWE(s)