CVE-2025-14590
BaseFortify
Publication date: 2025-12-13
Last updated on: 2026-04-29
Assigner: VulDB
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| carmelo | prison_management_system | 2.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a SQL injection in the Prison Management System 2.0, specifically in the /admin/search1.php file. It occurs due to manipulation of the argument 'keyname', allowing an attacker to inject malicious SQL code remotely.
How can this vulnerability impact me?
The vulnerability can allow an attacker to execute unauthorized SQL commands on the database, potentially leading to data leakage, data modification, or disruption of the system's normal operations.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthorized attackers to read, modify, or delete sensitive data such as full names, student IDs, national identification numbers, grades, and home addresses. This exposure and potential manipulation of personal and sensitive information can lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal data against unauthorized access and breaches. Additionally, the ability to escalate attacks to the server level and cause large-scale data breaches or service disruptions further increases the risk of violating these compliance standards. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying requests to the /admin/search1.php file that include the 'keyname' parameter. One method is to use Google dorking with the query "inurl:admin/search1.php" to find potentially vulnerable targets. On your system or network, you can monitor HTTP requests for suspicious input in the 'keyname' parameter that includes SQL meta-characters such as single quotes or UNION statements. Additionally, testing the parameter with SQL injection payloads (e.g., using tools like sqlmap) can help confirm the vulnerability. Specific commands include using curl or wget to send crafted requests to /admin/search1.php with malicious 'keyname' values and observing the responses for SQL errors or unexpected behavior. [1]
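The request monitoring described above can be run over web server access logs. The following is an added example, not code from the advisory or the affected product. It assumes combined-format log lines and that 'keyname' arrives in the query string (a POST body would not appear in these logs); the sample lines, addresses and the SQL-comment pattern are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Client address, request target and status from a combined-format log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

# Single quote and UNION come from the text above; the comment marker is an assumed addition.
SUSPICIOUS = [
    ("single-quote", re.compile(r"'")),
    ("union-select", re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)),
    ("sql-comment", re.compile(r"--|/\*")),
]

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Dec/2025:10:00:01 +0000] "GET /admin/search1.php?keyname=smith HTTP/1.1" 200 512',
    '198.51.100.7 - - [13/Dec/2025:10:00:05 +0000] "GET /admin/search1.php?keyname=a%27 HTTP/1.1" 500 120',
    '198.51.100.7 - - [13/Dec/2025:10:00:09 +0000] "GET /admin/search1.php?keyname=x+UNION+SELECT+1 HTTP/1.1" 200 900',
    '192.0.2.10 - - [13/Dec/2025:10:00:12 +0000] "GET /index.php?keyname=a%27 HTTP/1.1" 200 300',
]

def scan_line(line):
    """Return a finding dict for a suspicious keyname request, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None  # not a parseable access-log entry
    client, target, status = m.groups()
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/admin/search1.php"):
        return None  # only the affected endpoint is of interest
    # parse_qs percent-decodes values, so %27 is matched as a single quote.
    values = parse_qs(parts.query, keep_blank_values=True).get("keyname", [])
    hits = sorted({name for v in values for name, rx in SUSPICIOUS if rx.search(v)})
    if not hits:
        return None
    return {"client": client, "status": int(status), "keyname": values, "hits": hits}

def scan(lines):
    """Scan an iterable of log lines and return all findings in order."""
    return [f for f in map(scan_line, lines) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Findings are leads for triage rather than proof of compromise: a legitimate search for a name containing an apostrophe also matches, so review the response status and the client's other requests.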
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected component or software with an alternative product, as no known countermeasures or patches are documented. Additionally, restricting access to the /admin/search1.php file through network controls or web application firewalls (WAF) to block malicious input can reduce exposure. Implementing input validation and parameterized queries in the application code is recommended for a long-term fix, but since the vulnerability is in a third-party product, upgrading or replacing the software is advised. [1]