CVE Alert: CVE-2025-10834 – itsourcecode – Open Source Job Portal
CVE-2025-10834
A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. It affects an unknown function in the file /jobportal/admin/login.php. Manipulation of the argument user_email leads to SQL injection. The attack can be launched remotely. A public exploit is available and may be used.
AI Summary Analysis
Risk verdict: High risk for remote SQL injection on the login endpoint, with a publicly available PoC and no authentication required.
Why this matters: An attacker could exfiltrate or manipulate data via the login process, potentially impacting user records and authentication flows. The vulnerability’s remote nature and PoC availability raise the likelihood of automated or opportunistic exploitation, especially on self-hosted deployments.
Most likely attack path: An attacker sends crafted input to /jobportal/admin/login.php, manipulating user_email to alter the SQL query (AV:N, AC:L, PR:N, UI:N). With no privileges required and no user interaction, this can affect confidentiality, integrity and availability at the database level; although the CVSS impact metrics are rated low, exploitation can still enable data access or modification without authentication.
Who is most exposed: Open-source job portal deployments are commonly run on shared or simple LAMP/LEMP stacks exposed to the internet; organisations hosting internal or customer-facing job boards without strong input handling are especially at risk.
Detection ideas:
- SQL error patterns or unexpected database errors in login attempts.
- Abnormal login.php query strings or tampering with the user_email parameter in web logs.
- Increased failed logins or unusual authentication flow disruptions.
- WAF alerts for SQL injection payloads targeting login endpoints.
- Anomalous DB query logs or ORM/query-level anomalies around authentication.
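The first two detection ideas can be turned into a log check. The script below is an added example, not part of the original alert or the itsourcecode project: it parses web-server access lines in the common "combined" format, keeps only requests whose path ends in /jobportal/admin/login.php, percent-decodes the user_email parameter the way the application would, flags values carrying SQL metacharacter and keyword patterns, and counts 5xx responses per client (a proxy for "unexpected database errors"). The log lines, IP addresses and payload shapes are constructed for the demonstration.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in the Apache/Nginx "combined" format; not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Sep/2025:10:01:02 +0000] "GET /jobportal/admin/login.php HTTP/1.1" 200 1832 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Sep/2025:10:01:09 +0000] "POST /jobportal/admin/login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Sep/2025:10:02:11 +0000] "GET /jobportal/admin/login.php?user_email=admin%27%20OR%20%271%27%3D%271&password=x HTTP/1.1" 200 2210 "-" "python-requests/2.31"
198.51.100.7 - - [10/Sep/2025:10:02:12 +0000] "GET /jobportal/admin/login.php?user_email=admin%27%20AND%20SLEEP(5)--%20&password=x HTTP/1.1" 500 512 "-" "python-requests/2.31"
192.0.2.9 - - [10/Sep/2025:10:03:40 +0000] "GET /jobportal/index.php?user_email=bob%40example.com HTTP/1.1" 200 900 "-" "curl/8.0"
"""

# One "combined" log line: ip ident user [ts] "METHOD target PROTO" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Heuristic indicators of SQL injection in an already percent-decoded parameter value.
SQLI_RE = re.compile(
    r"""
    ['"]\s*(?:or|and)\b              # quote followed by a boolean operator
    | \bunion\s+select\b
    | \b(?:sleep|benchmark)\s*\(     # time-based probes
    | \binformation_schema\b
    | --(?:\s|$) | \# | /\*          # comment sequences that cut off the rest of a query
    """,
    re.IGNORECASE | re.VERBOSE,
)


def parse_line(line: str):
    """Return the named fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def scan_access_log(text: str,
                    endpoint: str = "/jobportal/admin/login.php",
                    param: str = "user_email"):
    """Return (findings, server_errors_by_ip) for requests to the login endpoint.

    findings: one dict per request whose `param` value matches SQLI_RE.
    server_errors_by_ip: count of 5xx responses on the endpoint per client address.
    """
    findings = []
    server_errors = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        url = urlsplit(rec["target"])
        if not url.path.endswith(endpoint):
            continue
        status = int(rec["status"])
        if status >= 500:
            server_errors[rec["ip"]] += 1
        # parse_qs percent-decodes, so the pattern sees the value as the application would.
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            if SQLI_RE.search(value):
                findings.append({"ip": rec["ip"], "ts": rec["ts"],
                                 "status": status, "value": value})
    return findings, server_errors


if __name__ == "__main__":
    hits, errors = scan_access_log(SAMPLE_LOG)
    for hit in hits:
        print(f"{hit['ts']} {hit['ip']} status={hit['status']} user_email={hit['value']!r}")
    print("5xx on login endpoint per client:", dict(errors))
```

Access logs only contain the query string, so this catches injection attempts sent via GET; if login.php reads user_email from a POST body, the same patterns have to be applied at the WAF, in mod_security-style request logging, or in application-level logging of the submitted value.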
Mitigation and prioritisation:
- Patch or upgrade to a fixed version; apply vendor guidance.
- Implement parameterised queries and strict input validation around user_email.
- Deploy Web Application Firewall rules targeting SQLi patterns on login endpoints.
- Harden authentication flow; disable verbose error messages and enable least-privilege DB access.
- Change management: test in staging, then roll out with monitoring; if a KEV listing is present or EPSS ≥ 0.5, treat as priority 1. Note: KEV and EPSS data are not provided here; confirm them before adjusting prioritisation.
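The second mitigation bullet, parameterised queries plus strict validation of user_email, is shown below as an added example; it is not the project's code and does not reproduce the project's schema or PHP. The application itself is PHP, so the pattern is demonstrated in Python against an in-memory SQLite table: lookup_vulnerable splices the value into the SQL text (the weak pattern the CVE describes, kept only for contrast), lookup_safe binds it as a parameter, and login adds an e-mail shape check and a constant-time comparison of a salted PBKDF2 hash. The table, account and passwords are constructed for the demonstration.

```python
import hashlib
import hmac
import os
import re
import sqlite3

# Coarse shape check: one "@", no whitespace, a dot in the domain part. Rejects
# quotes-plus-operators outright before any SQL is built.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def make_db() -> sqlite3.Connection:
    """Constructed in-memory admin table standing in for the portal's (not the project's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE admin (id INTEGER PRIMARY KEY, user_email TEXT UNIQUE, "
        "pw_salt BLOB, pw_hash BLOB)"
    )
    salt = os.urandom(16)
    conn.execute(
        "INSERT INTO admin (user_email, pw_salt, pw_hash) VALUES (?, ?, ?)",
        ("admin@example.com", salt, _hash_password("correct horse battery", salt)),
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, user_email: str):
    # Weak pattern: the value becomes part of the SQL text, so a quote and an
    # operator inside it change the WHERE clause instead of being compared as data.
    sql = f"SELECT id, user_email FROM admin WHERE user_email = '{user_email}'"
    return conn.execute(sql).fetchone()


def lookup_safe(conn: sqlite3.Connection, user_email: str):
    # Parameterised: the driver passes the value separately from the statement,
    # so it can only ever be compared as a string, whatever characters it contains.
    sql = "SELECT id, user_email, pw_salt, pw_hash FROM admin WHERE user_email = ?"
    return conn.execute(sql, (user_email,)).fetchone()


def login(conn: sqlite3.Connection, user_email: str, password: str) -> bool:
    """Validate the e-mail shape, fetch the row with a bound parameter, verify the hash."""
    if not EMAIL_RE.match(user_email):
        return False
    row = lookup_safe(conn, user_email)
    if row is None:
        return False
    _, _, salt, stored_hash = row
    # compare_digest avoids leaking the position of the first mismatching byte.
    return hmac.compare_digest(stored_hash, _hash_password(password, salt))


if __name__ == "__main__":
    db = make_db()
    probe = "nobody@example.com' OR '1'='1"   # constructed tautology input
    print("vulnerable lookup returns:", lookup_vulnerable(db, probe))  # admin row
    print("safe lookup returns:", lookup_safe(db, probe))              # None
    print("login with valid credentials:", login(db, "admin@example.com", "correct horse battery"))
    print("login with probe input:", login(db, probe, "x"))
```

In the project's own language the equivalent of lookup_safe is a mysqli or PDO prepared statement with a bound parameter; the validation and constant-time comparison steps carry over unchanged. Note that sqlite3's execute() refuses stacked statements, so this demonstration shows only the WHERE-clause manipulation, not every form of injection a MySQL deployment might be exposed to.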