CVE-2025-69215
Published: 04 February 2026
Summary
CVE-2025-69215 is a high-severity SQL Injection (CWE-89) vulnerability in Devcode Openstamanager. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 13.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates SQL injection in the Stampe Module by requiring validation and sanitization of user inputs before they are used in SQL queries.
Provides a process to identify, prioritize, and remediate the SQL injection flaw, including applying patches when available or implementing workarounds.
Enables vulnerability scanning to detect the SQL injection vulnerability in OpenSTAManager version 2.9.8 and prior, facilitating proactive mitigation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in a network-accessible web application directly enables remote exploitation of a public-facing app (T1190) and arbitrary query execution against the backend database for data access/modification (T1213.006).
NVD Description
OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, there is a SQL Injection vulnerability in the Stampe Module. At time of publication, no known patch exists.
Deeper analysisAI
CVE-2025-69215 is a SQL injection vulnerability (CWE-89) in OpenSTAManager, an open-source management software for technical assistance and invoicing. The flaw affects version 2.9.8 and prior, specifically within the Stampe Module. It carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high severity due to its potential for significant impact.
The vulnerability can be exploited by an attacker with low privileges (PR:L) who has network access to the application. Exploitation requires low complexity and no user interaction, allowing remote execution of arbitrary SQL queries. This enables high confidentiality, integrity, and availability impacts, such as unauthorized data access, modification, or deletion from the underlying database.
The GitHub security advisory (GHSA-qx9p-w3vj-q24q) notes that, at the time of publication on 2026-02-04T18:16:07.683, no known patch exists for this issue.
Details
- CWE(s)