CVE Alert: CVE-2025-10482 – SourceCodester – Online Student File Management System
CVE-2025-10482
A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
AI Summary Analysis
Risk verdict
High risk: remote SQL injection with a publicly available exploit increases the chance of automated abuse; immediate attention advised.
Why this matters
Exposed student and administrative data could be leaked or tampered with, risking privacy, compliance, and trust. In practice, attackers may use the injection to enumerate data and surface credentials or config information, enabling targeted or opportunistic access to the system.
Most likely attack path
The vulnerability is web-facing and requires no user interaction or privileges, enabling remote exploitation via /admin/index.php?Username=… The attacker can inject SQL through the Username parameter, potentially leaking data (confidentiality impact C:L) and causing limited data modification (integrity impact I:L). Lateral movement is unlikely without additional weaknesses, given that the CVSS scope appears unchanged.
Who is most exposed
Publicly accessible instances of the SourceCodester Online Student File Management System, especially in small organisations or educational institutions hosting the app on standard web infrastructure with minimal hardening.
Detection ideas
- Web logs showing requests to /admin/index.php with suspicious Username payloads (e.g., common SQLi patterns).
- Application or database logs containing SQL syntax errors or raw database error messages.
- Unusual query lengths or pattern anomalies in user input fields.
- IDS/IPS alerts for SQLi signatures or UNION-based payloads.
- Spike in 500 errors correlated with admin endpoint access attempts.
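The first and last detection ideas above, turned into a small log triage script. This is an added example, not code from the advisory or the vendor: it reads Apache combined-format access log lines (the sample lines below are constructed, not real traffic), keeps only requests to /admin/index.php, inspects the Username query value for common SQLi indicators and flags 500 responses on that endpoint. The endpoint and parameter names come from the advisory; the indicator patterns and length threshold are assumptions to tune for your environment.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample access-log lines (Apache combined format); none are real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Oct/2025:10:01:02 +0000] "GET /admin/index.php?Username=alice&Password=x HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Oct/2025:10:01:05 +0000] "GET /admin/index.php?Username=admin%27%20OR%20%271%27%3D%271&Password=x HTTP/1.1" 500 0 "-" "curl/8.0.1"
203.0.113.9 - - [01/Oct/2025:10:01:06 +0000] "GET /admin/index.php?Username=a%27%20UNION%20SELECT%201%2C2%2C3--%20&Password=x HTTP/1.1" 500 0 "-" "curl/8.0.1"
198.51.100.4 - - [01/Oct/2025:10:02:00 +0000] "GET /index.php?page=home HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumed indicators of SQL syntax inside a username value; tuned for low noise, not completeness.
SQLI_PATTERNS = [
    (re.compile(r"'\s*(or|and)\s", re.I), "quote followed by boolean operator"),
    (re.compile(r"union\s+(all\s+)?select", re.I), "UNION SELECT"),
    (re.compile(r"(--|#|/\*)"), "SQL comment sequence"),
    (re.compile(r"\b(sleep|benchmark)\s*\(", re.I), "time-based function"),
]
MAX_USERNAME_LEN = 64  # assumed: longer than any plausible username is itself suspicious

def inspect_request(line, endpoint="/admin/index.php", param="Username"):
    """Return a finding dict for one log line, or None when nothing is suspicious."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if url.path != endpoint:
        return None
    # Caveat: POST bodies are not in standard access logs; only query-string values are visible here.
    values = parse_qs(url.query, keep_blank_values=True).get(param, [])
    reasons = []
    for raw in values:
        value = unquote_plus(raw)  # second decode pass so double-encoded values are inspected in final form
        reasons += [why for rx, why in SQLI_PATTERNS if rx.search(value)]
        if len(value) > MAX_USERNAME_LEN:
            reasons.append("overlong username")
    if m.group("status") == "500":
        reasons.append("server error on admin endpoint")
    if not reasons:
        return None
    return {"ip": m.group("ip"), "status": m.group("status"), "reasons": sorted(set(reasons))}

def scan_log(text):
    """Run inspect_request over every line and return the list of findings."""
    return [f for f in (inspect_request(l) for l in text.splitlines()) if f]
```

Feed it your real access log instead of SAMPLE_LOG and correlate findings per source IP; a burst of hits from one address with 500 responses is the pattern the advisory describes.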
Mitigation and prioritisation
- Patch to the latest vendor release or apply a vendor-supplied fix; verify integrity before deployment.
- Enable web application firewall rules to block SQLi on the admin endpoint; implement input validation and parameterised queries.
- Restrict /admin access behind authentication, IP allow-lists, and multi-factor authentication where feasible.
- Remove or reconfigure vulnerable endpoint exposure if a patch is not yet available; segment the admin interface from general web traffic.
- Change-management: schedule patching in a maintenance window; monitor logs and test post-implementation.
- If the CVE is listed in CISA's Known Exploited Vulnerabilities (KEV) catalogue or its EPSS score is ≥ 0.5 (neither value is provided here), treat it as priority 1.