CVE Alert: CVE-2025-10973 – JackieDYH – Resume-management-system
CVE-2025-10973
A flaw has been found in JackieDYH Resume-management-system up to fb6b857d852dd796e748ce30c606fe5e61c18273. Affected by this issue is some unknown functionality of the file /admin/show.php. Manipulation of the argument userid causes SQL injection. The attack may be initiated remotely. The exploit has been published and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The vendor was contacted early about this disclosure but did not respond in any way.
AI Summary Analysis
Risk verdict
High risk: remote, unauthenticated SQL injection with a publicly disclosed exploit increases likelihood of abuse.
Why this matters
If exploited, an attacker could read or alter data via the web app without user interaction, potentially exposing PII or sensitive records. The vendor’s rolling-release model complicates timely patching, widening the window for exploitation and data compromise.
Most likely attack path
An attacker targets the /admin/show.php endpoint, supplying a crafted userid parameter to trigger SQL injection over the network. No authentication or user interaction is required, and the impact is confined to data confidentiality, integrity, and availability at the app/DB layer; successful abuse can enable data exfiltration or tampering.
Who is most exposed
Web deployments of JackieDYH Resume-management-system with internet-facing admin interfaces are at risk, especially where the application runs on common LAMP/web stacks and is not tightly network-segmented.
Detection ideas
- Inspect application logs for abnormal userid parameters and SQL error messages from /admin/show.php.
- Monitor for unusual query patterns and high-volume data exfiltration indicators from the database.
- Look for automated probes targeting the admin endpoint and potential SQLi payloads in GET parameters.
- Enable WAF/IDS rules tuned to SQL injection payloads against PHP backends.
- Correlate spikes in authentication- or admin-related requests with anomalous database responses.
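One way to operationalise the first and third detection ideas above, as an added example that is not part of the original alert: a small Python checker that parses access-log lines, decodes the userid parameter sent to /admin/show.php, and flags values that are non-numeric, contain SQL metacharacters, or coincide with a server error. The log format, IP addresses and request values are constructed for illustration, and the assumption that userid is expected to be an integer is the author's, not the project's.

```python
import re
from urllib.parse import urlparse, parse_qs, unquote

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2025:12:00:01 +0000] "GET /admin/show.php?userid=42 HTTP/1.1" 200 1532
203.0.113.7 - - [10/Oct/2025:12:00:03 +0000] "GET /admin/show.php?userid=42%27%20OR%201%3D1 HTTP/1.1" 200 98765
203.0.113.9 - - [10/Oct/2025:12:00:05 +0000] "GET /admin/show.php?userid=abc HTTP/1.1" 500 210
203.0.113.5 - - [10/Oct/2025:12:00:07 +0000] "GET /index.php HTTP/1.1" 200 400
"""

# Common-log-format fields we need: client IP, timestamp, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)
# Quote/comment characters and SQL keywords that have no business in an integer id.
SQL_META_RE = re.compile(r"['\";#]|--|/\*|\b(or|and|union|select|sleep|benchmark)\b", re.IGNORECASE)

WATCHED_PATH = "/admin/show.php"


def analyse_request(target):
    """Return a list of findings for one request target; [] if nothing looks wrong."""
    parsed = urlparse(target)
    if parsed.path != WATCHED_PATH:
        return []
    findings = []
    for raw in parse_qs(parsed.query, keep_blank_values=True).get("userid", []):
        value = unquote(raw)  # parse_qs decodes once; decode again to catch double encoding
        if not value.isdigit():  # assumption: userid is expected to be an integer
            findings.append(f"non-numeric userid: {value!r}")
        if SQL_META_RE.search(value):
            findings.append(f"sql metacharacters in userid: {value!r}")
    return findings


def scan_log(text):
    """Parse log lines and return one alert dict per suspicious request."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        findings = analyse_request(m["target"])
        if m["status"] == "500" and m["target"].startswith(WATCHED_PATH):
            findings.append("server error from /admin/show.php (possible SQL error)")
        if findings:
            alerts.append({"ip": m["ip"], "ts": m["ts"], "status": int(m["status"]), "findings": findings})
    return alerts
```

Running `scan_log(SAMPLE_LOG)` on the constructed lines yields two alerts: the encoded quote-and-OR value from 203.0.113.7 and the non-numeric value that produced a 500 from 203.0.113.9.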
Mitigation and prioritisation
- Apply vendor patch or upgrade to a fixed release; if only rolling updates are available, prioritise hotfix deployment.
- Implement input validation and parameterised queries; disable or sanitise untrusted userid input.
- Restrict access to /admin/show.php to trusted networks or authenticated admins; enforce MFA where feasible.
- Enhance logging, alerting, and incident response playbooks; test backups and recovery.
- If KEV is confirmed or EPSS ≥ 0.5 (data not provided here), treat as priority 1. If not, prioritise promptly but align with patch availability and exposure. Note: state of KEV/EPSS/SSVC exploitation is unknown.