Liujianview Gymxmjpa 1.0, SQL Injection, CVE-2025-0409 (Critical)

The CVE-2025-0409 vulnerability in Liujianview Gymxmjpa 1.0 allows remote attackers to execute arbitrary SQL queries via the `typeName` parameter in the `MembertypeDaoImpl` class (MembertypeController.java). This occurs due to improper input sanitization, enabling SQL injection when user-supplied data is directly concatenated into SQL statements. Attackers can exploit this to bypass authentication, extract sensitive data, or manipulate database content. The vulnerability is remotely exploitable with low attack complexity, requiring only a low-privileged account.

DailyCVE Form:

Platform: Liujianview Gymxmjpa
Version: 1.0
Vulnerability: SQL Injection
Severity: Critical
Date: 2025-01-12

What Undercode Say:

Exploitation:

1. Craft a malicious HTTP request to `MembertypeController` with a crafted `typeName` parameter:

    POST /gymxmjpa/membertype/add HTTP/1.1
    Host: target.com
    typeName=admin' OR '1'='1'--

2. Use automated tools like SQLmap:

    sqlmap -u "http://target.com/gymxmjpa/membertype/add" --data="typeName=test" --risk=3 --level=5

Protection:

1. Patch the application by using parameterized queries:

@Query("SELECT m FROM Membertype m WHERE m.typeName = :typeName")
List<Membertype> findByTypeName(@Param("typeName") String typeName);

2. Apply input validation:

if (!typeName.matches("[a-zA-Z0-9]+")) {
    throw new IllegalArgumentException("Invalid input");
}

3. Deploy a WAF with SQL injection rulesets.

Analytics:

  • CVSS 4.0: AV:N/AC:L/PR:L/UI:N/VC:L/VI:L/VA:L (5.3 Medium)
  • Attack Vector: Network
  • Prerequisites: Low-privileged account access.

Detection:

  • Monitor logs for unusual SQL errors or repeated `typeName` parameter tampering.
  • Use IDS/IPS signatures targeting LIUJIANVIEW-GYMXMJPA-SQLi.
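The log-monitoring bullet above, worked through as an added example (not code from the page or the Gymxmjpa project): it scans constructed request-log and application-log lines, flags `typeName` values carrying injection indicators, counts SQL grammar errors, and reports client IPs that tamper repeatedly. The log format, the error-message markers and the threshold are assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qs

# Injection indicators in a parameter value: quotes or comment openers,
# a tautology after OR/AND, or a UNION SELECT.
SQLI_RE = re.compile(
    r"""['"]|--|/\*|\b(?:or|and)\b\s+['"\w]+\s*=\s*['"\w]+|\bunion\b\s+select\b""", re.IGNORECASE)
# Assumed request-log shape (constructed, not the application's own): <ip> <method> <path?query> <status>
ACCESS_RE = re.compile(r"^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$")
# Assumed application-log markers for SQL grammar failures (Hibernate/JDBC exception names).
SQL_ERROR_RE = re.compile(r"SQLGrammarException|SQLSyntaxErrorException|bad SQL grammar", re.IGNORECASE)

# Constructed sample lines; the client IPs and values are illustrative only.
SAMPLE_LOG = [
    "10.0.0.5 POST /gymxmjpa/membertype/add?typeName=Premium 200",
    "198.51.100.7 POST /gymxmjpa/membertype/add?typeName=admin%27+OR+%271%27%3D%271%27-- 200",
    "198.51.100.7 POST /gymxmjpa/membertype/add?typeName=Gold%27-- 500",
    "2025-01-12 10:03:11 ERROR SqlExceptionHelper - SQLGrammarException: could not extract ResultSet",
    "198.51.100.7 POST /gymxmjpa/membertype/add?typeName=Basic%27+OR+1%3D1 500",
]

def typename_values(path):
    """Decoded typeName values carried in the request path's query string."""
    if "?" not in path:
        return []
    return parse_qs(path.split("?", 1)[1]).get("typeName", [])

def is_tampered(value):
    """True when a typeName value carries SQL injection indicators."""
    return SQLI_RE.search(value) is not None

def scan_log(lines, threshold=3):
    """Return (tampered (ip, value) pairs, SQL error count, IPs at or above threshold)."""
    tampered, per_ip, sql_errors = [], Counter(), 0
    for line in lines:
        if SQL_ERROR_RE.search(line):
            sql_errors += 1          # application-side symptom of a broken query
            continue
        m = ACCESS_RE.match(line)
        if not m:
            continue                 # line is not in the assumed request-log shape
        for value in typename_values(m.group("path")):
            if is_tampered(value):
                tampered.append((m.group("ip"), value))
                per_ip[m.group("ip")] += 1
    offenders = sorted(ip for ip, n in per_ip.items() if n >= threshold)
    return tampered, sql_errors, offenders
```

Raise an alert on any SQL grammar error from the `membertype` endpoint and on any IP in the offenders list; a single quote in a legitimate type name will also trip the indicator, so tune the pattern against your real data.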

References:

  • VulDB Entry: VulDB-CVE-2025-0409
  • Mitigation Guide: OWASP SQL Injection Prevention Cheat Sheet.

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
