CVE Alert: CVE-2025-10833 – 1000projects – Bookstore Management System

CVE-2025-10833

Severity: HIGH
Exploitation status: No exploitation known

A vulnerability was determined in 1000projects Bookstore Management System 1.0. The impacted element is an unknown function of the file /login.php. Manipulation of the argument unm causes SQL injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

CVSS v3.1: 7.3
Vendor: 1000projects
Product: Bookstore Management System
Versions: 1.0
CWE: CWE-89, SQL Injection
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Published: 2025-09-23T02:32:06.097Z
Updated: 2025-09-23T02:32:06.097Z

AI Summary Analysis

Risk verdict: High risk due to remote SQL injection on the login endpoint with a publicly disclosed exploit, making automated exploitation feasible without authentication.

Why this matters: Attackers could bypass authentication, read or alter data, and potentially exfiltrate customer or transactional information. Downstream impact includes compromised records, financial loss, regulatory exposure, and loss of trust; the vulnerability also raises the chance of further data integrity issues in related modules.

Most likely attack path: The adversary targets login.php via the unm parameter, delivering a crafted input to trigger SQL injection over the network. With no user interaction required and no privileges needed, successful payloads can access or corrupt the database within the same security scope, enabling data theft or modification; limited lateral movement is possible if other systems share the same DB.

Who is most exposed: Common in self-hosted SMB/LAMP deployments of 1000projects Bookstore Management System, often on shared/VPS hosting with public web access. Environments lacking strict input handling or prepared statements are typical risk carriers.

Detection ideas:

  • Look for abnormal query errors or database error messages in login attempts.
  • Detect suspicious payloads in unm parameters (e.g., tautologies, union/select patterns).
  • Monitor spikes in login.php requests with unusual characters or timeouts.
  • Correlate failed/successful logins with anomalous IPs or geolocations.
  • Inspect DB logs for out-of-pattern SELECT/UPDATE activity tied to login attempts.
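The following script is an added example written for this alert, not code from the advisory or from the 1000projects project. It turns the detection ideas above into a log check: it parses combined-format web access log lines, URL-decodes the unm parameter on /login.php requests, matches it against SQL-injection indicators (tautology, UNION/SELECT, comment markers, stacked statements), flags 5xx responses on the login endpoint as possible database errors, and reports per-IP request bursts. The log lines are constructed for the example; the parameter names, the burst threshold and the assumption that unm is visible in the logged request line (a GET query string, or a WAF/audit log that records request bodies) are all assumptions, since a plain POST body does not appear in a default access log.

```php
<?php
// Added example (not from the advisory or the 1000projects code base).
// Scans combined-format access log lines for /login.php requests whose decoded
// `unm` parameter carries SQL-injection indicators, flags 5xx responses on the
// login endpoint, and reports per-IP bursts. Assumes the parameter is present
// in the logged request line (query string or WAF audit log with bodies).
declare(strict_types=1);

// Constructed sample lines for the example, not captured from a real system.
const SAMPLE_LOG = <<<'LOG'
203.0.113.7 - - [23/Sep/2025:03:01:10 +0000] "GET /login.php?unm=alice&pass=x HTTP/1.1" 200 512
203.0.113.7 - - [23/Sep/2025:03:01:11 +0000] "GET /login.php?unm=alice%27+OR+%271%27%3D%271&pass=x HTTP/1.1" 500 0
203.0.113.7 - - [23/Sep/2025:03:01:12 +0000] "GET /login.php?unm=x%27+UNION+SELECT+1%2C2%2C3--+-&pass=x HTTP/1.1" 200 734
198.51.100.4 - - [23/Sep/2025:03:05:00 +0000] "GET /login.php?unm=bob&pass=y HTTP/1.1" 302 0
198.51.100.4 - - [23/Sep/2025:03:05:02 +0000] "GET /index.php HTTP/1.1" 200 2048
LOG;

/** Indicator patterns, applied to the URL-decoded parameter value. */
const SQLI_PATTERNS = [
    'tautology' => "/'\\s*(or|and)\\b/i",                    // alice' OR '1'='1
    'union'     => '/\bunion\b[\s\/\*]+(all\s+)?select\b/i',  // x' UNION SELECT ...
    'comment'   => '/(--|#|\/\*)/',                           // trailing comment markers
    'stacked'   => '/;\s*(drop|update|insert|delete)\b/i',    // stacked statements
];

/** Parses one combined-format line into ip/path/status/unm, or null if it does not parse. */
function parseLine(string $line): ?array
{
    // host ident user [time] "METHOD path HTTP/x" status bytes
    if (!preg_match('/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)$/', $line, $m)) {
        return null;
    }
    $url    = parse_url($m[4]);
    $params = [];
    if (isset($url['query'])) {
        parse_str($url['query'], $params); // parse_str() URL-decodes the values
    }
    return [
        'ip'     => $m[1],
        'path'   => $url['path'] ?? $m[4],
        'status' => (int) $m[5],
        'unm'    => $params['unm'] ?? null,
    ];
}

/** Returns the names of the indicator patterns matched by a decoded unm value. */
function sqliIndicators(?string $value): array
{
    if ($value === null) {
        return [];
    }
    $hits = [];
    foreach (SQLI_PATTERNS as $name => $re) {
        if (preg_match($re, $value)) {
            $hits[] = $name;
        }
    }
    return $hits;
}

/** Walks the log and returns one finding string per suspicious observation. */
function analyse(string $log, int $burstThreshold = 3): array
{
    $findings = [];
    $perIp    = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        $r = parseLine($line);
        if ($r === null || $r['path'] !== '/login.php') {
            continue;
        }
        $perIp[$r['ip']] = ($perIp[$r['ip']] ?? 0) + 1;
        $ind = sqliIndicators($r['unm']);
        if ($ind !== []) {
            $findings[] = sprintf('%s sqli-indicator[%s] unm=%s', $r['ip'], implode(',', $ind), $r['unm']);
        }
        if ($r['status'] >= 500) {
            // A 5xx on the login endpoint often means an unhandled DB error.
            $findings[] = sprintf('%s server-error status=%d on /login.php', $r['ip'], $r['status']);
        }
    }
    foreach ($perIp as $ip => $n) {
        if ($n >= $burstThreshold) {
            $findings[] = sprintf('%s burst: %d /login.php requests in sample', $ip, $n);
        }
    }
    return $findings;
}

foreach (analyse(SAMPLE_LOG) as $finding) {
    echo $finding, PHP_EOL;
}
```

Run against the constructed sample, the script flags the second and third lines from 203.0.113.7 (tautology; union and comment markers), the 500 response on the second line, and a three-request burst from that address, while the ordinary logins from 198.51.100.4 produce nothing. Feed real logs in with `file_get_contents()` in place of `SAMPLE_LOG`, tune the burst threshold to the site's normal login rate, and correlate the flagged IPs with the database's own error log, as the last detection idea suggests.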

Mitigation and prioritisation:

  • Apply vendor patch or upgrade to a fixed release; if unavailable, implement parameterised queries and prepared statements in login.php.
  • Deploy input validation and output encoding; remove direct string concatenation in SQL.
  • Enable a Web Application Firewall rule set targeting SQLi payloads; rate-limit login endpoints.
  • Restrict database permissions (least privilege) and rotate credentials; isolate the login DB from other systems.
  • Implement change-management and monitoring for rapid detection of exploitation attempts. Treat as priority 2.
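As an added example of the first two mitigation points (it is not the vendor's login.php, whose internals the advisory describes only as an unknown function), the block below contrasts the string-concatenated query pattern that CWE-89 describes with a PDO prepared-statement version of the login check. The table and column names, the `pass` form field, the environment variable names and the `bookstore_app` database account are assumptions made for the example. The hardened version also shows where the detection and least-privilege points land in code: database exceptions are logged for the SOC and answered with a generic message, and the connection is meant to use an account limited to the rights the application needs.

```php
<?php
// Added example, not the vendor's login.php. Contrasts the concatenated-SQL
// pattern behind CWE-89 with a PDO prepared statement, password_verify(), and
// error handling that logs DB failures instead of echoing them to the client.
// Table/column names, the `pass` field and env var names are assumptions.
declare(strict_types=1);

// --- BEFORE (the vulnerable pattern, kept as a comment for contrast only) ---
// $sql = "SELECT id, password FROM users WHERE username = '" . $_POST['unm'] . "'";
// $row = $db->query($sql)->fetch();   // unm becomes part of the SQL text

// --- AFTER ---
function connect(): PDO
{
    // Credentials come from the environment, not the source tree. The account
    // should hold only the SELECT/UPDATE rights the application needs.
    $pdo = new PDO(
        getenv('DB_DSN') ?: 'mysql:host=127.0.0.1;dbname=bookstore;charset=utf8mb4',
        getenv('DB_USER') ?: 'bookstore_app',
        getenv('DB_PASS') ?: ''
    );
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // real server-side prepares
    return $pdo;
}

/** Returns the user id on success, null otherwise. Input never enters the SQL text. */
function authenticate(PDO $pdo, string $unm, string $pass): ?int
{
    // Structural validation first: reject anything that cannot be a username.
    if ($unm === '' || strlen($unm) > 64) {
        return null;
    }
    $stmt = $pdo->prepare('SELECT id, password_hash FROM users WHERE username = :unm LIMIT 1');
    $stmt->execute([':unm' => $unm]); // travels as a bound parameter, not as SQL
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['password_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

if (PHP_SAPI !== 'cli' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $unm  = (string) ($_POST['unm'] ?? '');
    $pass = (string) ($_POST['pass'] ?? '');
    try {
        $userId = authenticate(connect(), $unm, $pass);
    } catch (PDOException $e) {
        // Detail goes to the server log for detection (abnormal query errors);
        // the client gets a generic message so nothing about the schema leaks.
        error_log(sprintf('login.php db error ip=%s unm_len=%d: %s',
            $_SERVER['REMOTE_ADDR'] ?? '-', strlen($unm), $e->getMessage()));
        http_response_code(500);
        exit('Login temporarily unavailable.');
    }
    if ($userId === null) {
        http_response_code(401);
        exit('Invalid username or password.');
    }
    session_start();
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    header('Location: /index.php');
    exit;
}
```

The essential change is that the username is bound with `execute([':unm' => $unm])` rather than spliced into the query string, so a value such as `alice' OR '1'='1` is compared literally against the username column and matches nothing. The length check and the generic 401/500 responses are defensive extras; the prepared statement alone removes the injection.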
