CVE-2025-15140
SQL Injection in saiftheboss7 onlinemcqexam /admin/quesadd.php
Publication date: 2025-12-28
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| saiftheboss7 | onlinemcqexam | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a SQL injection found in the saiftheboss7 onlinemcqexam application, specifically in the /admin/quesadd.php file. It occurs when the arguments ans1 or ans2 are manipulated, allowing an attacker to inject malicious SQL code. The attack can be performed remotely, and an exploit has already been made public.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary SQL commands on the database, potentially leading to unauthorized data access, data modification, or deletion. Since the attack can be carried out remotely without authentication, it poses a significant risk to the confidentiality, integrity, and availability of the affected system's data.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthorized database access, data leakage, and data manipulation, which can lead to breaches of confidentiality and integrity of sensitive information. Such breaches can result in non-compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data. Therefore, exploitation of this SQL injection vulnerability could compromise compliance with these regulations by exposing or altering protected data without authorization. [1, 2, 3, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /admin/quesadd.php endpoint for SQL injection vulnerabilities in the ans1 and ans2 parameters. Example payloads for testing include boolean-based blind injection, error-based injection, and time-based blind injection techniques. Specific example payloads for the ans1 parameter are: - Boolean-based blind: ans1=1' RLIKE (SELECT (CASE WHEN (2428=2428) THEN 1 ELSE 0x28 END)) AND 'rgeU'='rgeU - Error-based: ans1=1' AND GTID_SUBSET(CONCAT(0x7176627871,(SELECT (ELT(7376=7376,1))),0x716b707a71),7376) AND 'soSc'='soSc - Time-based blind: ans1=1' AND (SELECT 5254 FROM (SELECT(SLEEP(5)))vOsx) AND 'aGRL'='aGRL' Additionally, the vulnerability has been confirmed using the sqlmap tool, which can be used to automate detection and exploitation attempts against the vulnerable parameters. Also, vulnerable targets can be identified using Google dorking with the query: inurl:admin/quesadd.php [2, 3, 4]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1. Implement prepared statements with parameter binding to separate SQL code from user input, preventing SQL injection. 2. Enforce strict input validation and filtering on all user-supplied data to ensure inputs conform to expected formats. 3. Minimize database user privileges by avoiding use of high-privilege accounts like root or admin for application connections. 4. Conduct regular security audits of code and systems to detect and fix vulnerabilities promptly. Since the vendor has not provided any patches or mitigations, these steps are critical to secure the system and maintain data integrity. [3, 4, 1]