A SQL Injection vulnerability has been identified in SourceCodester Online Farm Management System version 1.0. The flaw allows attackers to manipulate database queries through the 'uname' parameter of the /Login/login.php file, potentially granting unauthorized access to sensitive information. The vulnerability is remotely exploitable and a public proof-of-concept exists, which makes remediation urgent. Version 1.0.1 addresses this security concern.
Successful exploitation of CVE-2025-9833 could allow an attacker to bypass authentication and gain unauthorized access to the Online Farm Management System's database. This could lead to the exfiltration of sensitive data such as user credentials, farm inventory details, financial records, and other confidential information. Depending on the database schema, an attacker might also be able to modify or delete data, disrupting farm operations. The public availability of a proof-of-concept significantly increases the risk of exploitation, making it a high-priority concern for organizations using this system.
This vulnerability is considered actively exploitable due to the public availability of a proof-of-concept. It was disclosed on 2025-09-02. The vulnerability has been added to the CISA KEV catalog, indicating a heightened risk of exploitation. Attackers are likely to leverage the readily available exploit to target vulnerable installations of the Online Farm Management System.
Small to medium-sized farms and agricultural businesses that rely on the Online Farm Management System for operational management are particularly at risk. Organizations using shared hosting environments where the system is deployed may also be vulnerable, as they may lack control over the underlying server configuration and security patches.
• php / web: Examine access logs for suspicious requests to /Login/login.php with unusual parameters in the 'uname' field. Look for patterns indicative of SQL injection attempts (e.g., single quotes, double quotes, semicolons).
• generic web: Use curl to test the /Login/login.php endpoint with a simple SQL injection payload (e.g., ' OR '1'='1) and observe the response for unexpected behavior or error messages.
• generic web: Check for unusual database activity or errors in the application's error logs that might indicate a SQL injection attack.
• generic web: Implement rate limiting on the /Login/login.php endpoint to mitigate brute-force attempts to exploit the vulnerability.
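To make the log-review step concrete, here is an added example (not code from the advisory or from the SourceCodester project) that scans combined-format access log lines for login requests whose 'uname' value contains SQL metacharacters, URL-decoding repeatedly so double-encoded values are not missed. The log lines are constructed; it assumes the form is submitted with GET so 'uname' appears in the request line, since POST bodies are not recorded in standard access logs and need application or WAF logging instead.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Apache/nginx combined log prefix: client, time, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)

# Heuristic: quotes, statement separators, SQL comment openers and
# tautology/UNION keywords have no business in a username field.
SUSPICIOUS = re.compile(
    r"""['";]|--|/\*|#|\b(or|and|union|select|sleep|benchmark)\b""",
    re.IGNORECASE,
)

# Constructed sample; the third line is double-encoded (%2527 -> %27 -> ').
SAMPLE_LOG = """\
203.0.113.5 - - [02/Sep/2025:10:15:01 +0000] "GET /Login/login.php?uname=alice&pass=x HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [02/Sep/2025:10:15:07 +0000] "GET /Login/login.php?uname=%27%20OR%20%271%27%3D%271&pass=x HTTP/1.1" 302 0 "-" "curl/8.0"
203.0.113.9 - - [02/Sep/2025:10:15:09 +0000] "GET /Login/login.php?uname=admin%2527--&pass=x HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.2 - - [02/Sep/2025:10:16:00 +0000] "GET /index.php?uname=%27 HTTP/1.1" 200 100 "-" "Mozilla/5.0"
"""


def decode_param(value: str) -> str:
    """URL-decode until stable so nested encodings are fully unwrapped."""
    prev = None
    while value != prev:
        prev, value = value, unquote(value)
    return value


def scan_log(lines):
    """Return [(client_ip, decoded_uname)] for suspicious login requests."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable combined-format line
        parts = urlsplit(m["target"])
        if not parts.path.endswith("/Login/login.php"):
            continue  # only the vulnerable endpoint is of interest
        # parse_qs decodes once; decode_param handles further layers.
        for raw in parse_qs(parts.query, keep_blank_values=True).get("uname", []):
            uname = decode_param(raw)
            if SUSPICIOUS.search(uname):
                hits.append((m["ip"], uname))
    return hits


if __name__ == "__main__":
    for ip, uname in scan_log(SAMPLE_LOG.splitlines()):
        print(f"{ip} uname={uname!r}")
```

The keyword part of the heuristic will flag a legitimate username such as "or", so treat hits as leads for triage rather than proof of an attack.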
EPSS: 0.03% (8th percentile)
The primary mitigation for CVE-2025-9833 is to immediately upgrade to version 1.0.1 of the Online Farm Management System. If upgrading is not immediately feasible, consider implementing temporary workarounds such as input validation and sanitization on the 'uname' parameter within the /Login/login.php file. While not a complete solution, this can help reduce the attack surface. Web application firewalls (WAFs) configured to detect and block SQL injection attempts can also provide an additional layer of protection. After upgrading, verify the fix by attempting a SQL injection attack on the /Login/login.php endpoint using a standard SQL injection payload to ensure the vulnerability is no longer present.
Upgrade to the patched version of Online Farm Management System. If that is not available, review and sanitize user input in the /Login/login.php file, in particular the 'uname' parameter, to prevent SQL injection. Implement data validation and escaping.
CVE-2025-9833 is a SQL Injection vulnerability affecting Online Farm Management System version 1.0, allowing attackers to manipulate database queries via the 'uname' parameter in /Login/login.php.
You are affected if you are using Online Farm Management System version 1.0. Upgrade to version 1.0.1 to mitigate the risk.
The recommended fix is to upgrade to version 1.0.1. As a temporary workaround, implement input validation and sanitization on the 'uname' parameter.
Yes, CVE-2025-9833 is considered actively exploited due to the public availability of a proof-of-concept and its inclusion in the CISA KEV catalog.
Refer to the SourceCodester website or their official communication channels for the advisory regarding CVE-2025-9833.