CVE Alert: CVE-2025-10668 – itsourcecode – Online Discussion Forum

CVE-2025-10668

Severity: HIGH. No exploitation known.

A security vulnerability has been detected in itsourcecode Online Discussion Forum 1.0. It affects an unknown part of the file /members/compose_msg_admin.php. Manipulation of the argument ID leads to SQL injection. The attack may be performed remotely. The exploit has been disclosed publicly and may be used.

CVSS v3.1: 7.3
Vendor: itsourcecode
Product: Online Discussion Forum
Versions: 1.0
CWE: CWE-89, SQL Injection
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Published: 2025-09-18T13:32:07.040Z
Updated: 2025-09-18T13:32:07.040Z

AI Summary Analysis

Risk verdict

High risk due to remote, unauthenticated SQL injection with a public disclosure; exploitation potential exists and should be monitored closely.

Why this matters

Compromise of data confidentiality, integrity and availability is plausible, including leakage of user data or manipulation of forum content. Since no user interaction is required, automated tooling could rapidly probe the endpoint and exploit the vulnerability at scale.

Most likely attack path

An attacker remotely targets the /members/compose_msg_admin.php endpoint, supplying crafted input for the ID parameter to trigger SQL injection. The vulnerability is exploitable without authentication; the rated impact is limited (confidentiality, integrity and availability each at Low) but still allows data exposure and manipulation. If successful, the attacker could exfiltrate data or alter messages, and may attempt further database access within the same scope.

Who is most exposed

Sites running itsourcecode Online Discussion Forum v1.0 that expose the admin-compose page to the internet, especially on legacy hosting with weak patching and minimal input validation.

Detection ideas

  • Web server/App logs showing SQL error messages or unusual query patterns from compose_msg_admin.php.
  • Surges of requests with anomalous or crafted ID values (SQLi payload indicators).
  • WAF/IPS alerts for common SQLi patterns (e.g., union/select, sleep-based payloads).
  • Database logs showing abnormal queries originating from the web app.
  • Unexpected data retrieval or changes to admin-related tables.
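The first two detection ideas above can be turned into a simple log check. The Python below is an added illustration, not part of the advisory or of the itsourcecode project: it parses combined-format web server access log lines, isolates requests to /members/compose_msg_admin.php, flags any request whose ID parameter is not a plain integer, records which SQL-injection indicator tokens appeared, and counts how many flagged requests each source address produced. The log lines, IP addresses and timestamps are constructed for the example; the endpoint path and parameter name are the ones the advisory names.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (combined log format); not from any real server.
SAMPLE_LOG = """\
203.0.113.10 - - [18/Sep/2025:13:40:01 +0000] "GET /members/compose_msg_admin.php?ID=42 HTTP/1.1" 200 1532
203.0.113.10 - - [18/Sep/2025:13:40:02 +0000] "GET /members/compose_msg_admin.php?ID=42%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 18750
203.0.113.10 - - [18/Sep/2025:13:40:03 +0000] "GET /members/compose_msg_admin.php?ID=42%20AND%20SLEEP(5) HTTP/1.1" 200 1532
198.51.100.7 - - [18/Sep/2025:13:41:10 +0000] "GET /members/compose_msg_admin.php?ID=7 HTTP/1.1" 200 1498
198.51.100.7 - - [18/Sep/2025:13:41:12 +0000] "GET /index.php HTTP/1.1" 200 5120
203.0.113.10 - - [18/Sep/2025:13:40:04 +0000] "GET /members/compose_msg_admin.php?ID=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 500 612
"""

# Minimal combined-log-format parser: client IP, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)$'
)

ENDPOINT = "/members/compose_msg_admin.php"   # endpoint named in the advisory
INTEGER_ID = re.compile(r"\d+")                # the only shape a legitimate ID should have

# Common SQL-injection indicator tokens (keywords, quotes, comment markers).
SQLI_TOKENS = re.compile(
    r"\b(union|select|sleep|benchmark|or|and)\b|['\"#;]|--|/\*", re.IGNORECASE
)


def parse_line(line):
    """Return the parsed log fields as a dict, or None if the line is not in the expected format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify_id(raw_id):
    """Return None for a benign integer ID, otherwise a short reason string."""
    if INTEGER_ID.fullmatch(raw_id):
        return None
    tokens = sorted({m.group(0).lower() for m in SQLI_TOKENS.finditer(raw_id)})
    if tokens:
        return "sqli-indicators:" + ",".join(tokens)
    return "non-integer-id"


def scan_log(text):
    """Return one finding per request to ENDPOINT whose ID parameter is not a plain integer."""
    findings = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        parts = urlsplit(rec["target"])
        if parts.path != ENDPOINT:
            continue
        # parse_qs URL-decodes the value, so encoded quotes and spaces are visible here.
        for raw_id in parse_qs(parts.query).get("ID", []):
            reason = classify_id(raw_id)
            if reason is not None:
                findings.append({
                    "ip": rec["ip"],
                    "ts": rec["ts"],
                    "id_value": raw_id,
                    "reason": reason,
                    # A 5xx alongside a crafted ID often means a SQL error reached the page.
                    "status": int(rec["status"]),
                })
    return findings


def noisy_sources(findings, threshold=2):
    """Map each client IP with at least `threshold` flagged requests to its count (surge indicator)."""
    counts = Counter(f["ip"] for f in findings)
    return {ip: n for ip, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ts"]} {h["ip"]} status={h["status"]} ID={h["id_value"]!r} -> {h["reason"]}')
    print("sources over threshold:", noisy_sources(hits))
```

Running the block prints the three flagged requests, all from the same constructed source, and reports that source as exceeding the surge threshold. In a real deployment the same logic would be fed from the web server's access log and the "5xx with crafted ID" combination would be the highest-confidence signal, since it correlates the request with a likely SQL error.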

Mitigation and prioritisation

  • Apply vendor patch or upgrade to fixed version; if unavailable, apply compensating controls (WAF rules, disable vulnerable endpoint, IP allowlisting).
  • Implement parameterised queries/prepared statements and strict input validation; restrict DB user privileges for the web app.
  • Patch management: test in staging, then roll out; monitor post-deployment.
  • Consider disabling or hardening the admin compose function until patched.
  • Prioritisation note: If KEV is active or EPSS ≥ 0.5, treat as Priority 1.
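The second mitigation bullet, parameterised queries plus strict input validation, is the fix that removes the vulnerability class rather than just blocking known payloads. The Python below is an added illustration and is not the forum's PHP code (the advisory does not show the affected code): it builds a constructed in-memory SQLite table, places the vulnerable pattern (request value spliced into the SQL text) beside the hardened pattern (integer validation followed by a bound parameter), and shows that the same tampered ID value returns every row through the first and is rejected by the second. Table and column names are assumptions chosen for the example.

```python
import sqlite3


def build_demo_db():
    """Constructed in-memory table standing in for the forum's message store (names are assumptions)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE messages (id INTEGER PRIMARY KEY, recipient TEXT, body TEXT)")
    conn.executemany(
        "INSERT INTO messages VALUES (?, ?, ?)",
        [
            (1, "admin", "constructed message one"),
            (2, "admin", "constructed message two"),
            (3, "alice", "constructed message three"),
        ],
    )
    conn.commit()
    return conn


def lookup_message_unsafe(conn, raw_id):
    """Vulnerable pattern (CWE-89): the request parameter becomes part of the SQL text.

    Whatever the client sends is parsed by the database engine as SQL, so a value
    containing an OR clause widens the WHERE condition to every row.
    """
    sql = f"SELECT id, recipient, body FROM messages WHERE id = {raw_id}"
    return conn.execute(sql).fetchall()


def lookup_message_safe(conn, raw_id):
    """Hardened pattern: validate the shape of the input, then bind it as a parameter.

    Validation rejects anything that is not an ASCII positive integer before any SQL runs.
    The placeholder sends the value separately from the query text, so even if validation
    were loosened the engine would never interpret the value as SQL.
    """
    if not isinstance(raw_id, str) or not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("ID must be a positive integer")
    return conn.execute(
        "SELECT id, recipient, body FROM messages WHERE id = ?", (int(raw_id),)
    ).fetchall()


if __name__ == "__main__":
    conn = build_demo_db()
    tampered = "1 OR 1=1"
    print("unsafe, tampered ID ->", len(lookup_message_unsafe(conn, tampered)), "rows")
    print("safe, normal ID     ->", lookup_message_safe(conn, "1"))
    try:
        lookup_message_safe(conn, tampered)
    except ValueError as exc:
        print("safe, tampered ID   -> rejected:", exc)
```

The web application's database account should additionally be limited to the tables and statements the forum actually needs, as the same bullet says; that does not stop the injection, but it caps what a successful one can read or change.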
