Platform: php
Fixed in: 1.0.1
CVE-2025-9924 identifies a SQL Injection vulnerability within the Travel Management System, specifically impacting version 1.0. This flaw allows attackers to potentially manipulate database queries, leading to unauthorized data access or modification. The vulnerability resides within the /enquiry.php file, and exploitation can be achieved remotely. A patch is available in version 1.0.1.
Successful exploitation of CVE-2025-9924 could grant an attacker unauthorized access to sensitive data stored within the Travel Management System's database. This includes potentially accessing user credentials, financial information, travel itineraries, and other confidential details. An attacker could also modify or delete data, leading to data corruption and disruption of services. The remote nature of the vulnerability significantly expands the potential attack surface, making it accessible to a wide range of malicious actors. The SQL injection allows for arbitrary database queries, potentially enabling privilege escalation or even complete system compromise depending on database permissions.
This vulnerability has been publicly disclosed, increasing the risk of exploitation. While no active campaigns have been definitively linked to CVE-2025-9924 at the time of writing, the availability of public information makes it a potential target for opportunistic attackers. The vulnerability is not currently listed on CISA KEV, but its HIGH severity warrants monitoring. A public proof-of-concept may be available or developed shortly.
Organizations utilizing the Travel Management System version 1.0, particularly those with sensitive travel data or financial information, are at significant risk. Shared hosting environments where multiple applications share the same database are especially vulnerable, as a successful exploit could impact other applications on the same server.
• php: Examine /enquiry.php for unsanitized input handling of the 't2' parameter. Look for patterns like $_GET['t2'] being placed directly into a query string without validation or parameter binding, for example:

    if (isset($_GET['t2'])) {
        $t2 = $_GET['t2'];
        // Vulnerable code: no sanitization or validation, value is interpolated into the SQL string
        $sql = "SELECT * FROM table WHERE column = '$t2';";
    }

• generic web: Monitor access logs for unusual SQL injection attempts targeting /enquiry.php. Look for patterns containing SQL keywords like SELECT, UNION, INSERT, DELETE within the 't2' parameter (check the URL-decoded value, since payloads are usually percent-encoded in raw logs).
• generic web: Use curl to test the endpoint with a simple SQL injection payload (the payload must be passed URL-encoded as part of the query string, not as a separate argument): curl -G --data-urlencode "t2=1' UNION SELECT 1,2,3 -- -" 'http://example.com/enquiry.php'
Exploit status: disclosure
EPSS: 0.03% (9th percentile)
The primary mitigation for CVE-2025-9924 is to immediately upgrade the Travel Management System to version 1.0.1, which includes the necessary fix. If upgrading is not immediately feasible, consider implementing input validation and sanitization on the 't2' parameter within /enquiry.php to prevent malicious SQL code from being injected. Web application firewalls (WAFs) configured with rules to detect and block SQL injection attempts can provide an additional layer of defense. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection attack on the /enquiry.php endpoint with a known malicious payload.
Update to a fixed version of Travel Management System. If no fixed version is available, review and sanitize the input of the 't2' parameter in the 'enquiry.php' file to prevent SQL injection. Use prepared statements or the escaping functions provided by PHP to protect the database.
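The following is an added example of the hardened form of the handler described above; it is not code from the Travel Management System or from the advisory. The table name, column name, DSN and credentials are assumed placeholders, since the advisory does not name the real schema.

```php
<?php
// Added example (not the project's code): handle the 't2' parameter with a
// PDO prepared statement instead of interpolating it into the SQL string.
// Table 'enquiries', column 'enquiry_ref', DSN and credentials are assumed placeholders.

function getPdo(): PDO
{
    return new PDO('mysql:host=localhost;dbname=travel;charset=utf8mb4', 'app_user', 'app_password', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        // Server-side prepares: the bound value is sent separately from the
        // SQL text, so it can never change the structure of the query.
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

/**
 * Look up an enquiry by the value of 't2'. A payload such as
 * "1' UNION SELECT 1,2,3 -- -" is compared literally against the column
 * and simply matches nothing.
 */
function findEnquiry(PDO $pdo, string $t2): ?array
{
    // Cheap validation in front of the query: reject oversized or control-character input.
    if ($t2 === '' || strlen($t2) > 64 || preg_match('/[\x00-\x1F\x7F]/', $t2)) {
        return null;
    }

    $stmt = $pdo->prepare('SELECT * FROM enquiries WHERE enquiry_ref = :t2');
    $stmt->bindValue(':t2', $t2, PDO::PARAM_STR);
    $stmt->execute();

    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

if (isset($_GET['t2'])) {
    $row = findEnquiry(getPdo(), (string) $_GET['t2']);
    if ($row === null) {
        http_response_code(404);
        exit('Enquiry not found');
    }
    header('Content-Type: application/json');
    echo json_encode($row);
}
```

If the original query compares against an integer id, tighten the validation to ctype_digit() and bind with PDO::PARAM_INT; the prepared statement is what prevents injection either way.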
CVE-2025-9924 is a SQL Injection vulnerability affecting Travel Management System version 1.0, allowing attackers to potentially manipulate database queries and access sensitive data.
If you are using Travel Management System version 1.0, you are potentially affected. Upgrade to version 1.0.1 to mitigate the risk.
The recommended fix is to upgrade to version 1.0.1. As a temporary workaround, implement input validation and sanitization on the 't2' parameter in /enquiry.php.
While no active campaigns have been confirmed, the public disclosure increases the risk of exploitation. Monitor your systems for suspicious activity.
Refer to the projectworlds website or relevant security mailing lists for the official advisory regarding CVE-2025-9924.