CVE Alert: CVE-2025-11585 – code-projects – Project Monitoring System
CVE-2025-11585
A vulnerability was found in code-projects Project Monitoring System 1.0. The affected component is an unidentified function in the file /useredit.php. Manipulation of the uid argument leads to SQL injection. The attack can be launched remotely. A public exploit exists and may be used.
AI Summary Analysis
Risk verdict: High. Remote SQL injection through the uid argument of /useredit.php, with a public exploit. The advisory does not state whether authentication is required, so treat any externally reachable instance as an urgent patch or isolation candidate.
Why this matters: An attacker could read or modify the application's database contents and potentially disrupt operations without any user interaction. The public PoC makes automated, opportunistic targeting likely, especially for internet-facing deployments, putting the confidentiality and integrity of monitoring data at risk.
Most likely attack path: An attacker sends a crafted uid value to /useredit.php; the value is spliced into a backend SQL query without parameterisation. The attacker can then enumerate tables and rows (UNION, boolean-based or time-based techniques) or alter data, constrained only by the privileges of the database account the application uses, leading to data leakage, tampering, or disruption through expensive queries.
Who is most exposed: Internet-facing installations of the affected system, a PHP/MySQL (LAMP-style) application, are most at risk, particularly where uid is not validated as an integer, queries are not prepared, and no WAF or access restriction sits in front of the endpoint.
Detection ideas:
- SQL error messages or stack traces in web or application logs tied to requests for /useredit.php.
- A surge of requests to /useredit.php whose uid value is not a plain integer: quotes, comment markers (-- or /*), UNION/SELECT keywords, OR/AND conditions, or SLEEP/BENCHMARK calls.
- Increased database query latency or abnormal long-running queries correlated with requests to the vulnerable endpoint (a sign of time-based blind injection).
- Sequences of requests that step through ORDER BY or UNION column counts, or many near-identical requests differing only in the injected condition (row-by-row extraction).
- Correlated alerts from a WAF or IDS matching SQL injection signatures from the same source address.
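The detection ideas above, turned into a small log scanner. This is an added example, not tooling from the page or from the affected project: it parses Apache combined-format access lines, flags uid values on /useredit.php that are not plain integers, counts requests per source address, and counts 5xx responses on the endpoint. The log lines are constructed for the example; the endpoint path is taken from the advisory, and the pattern list is an assumption about which SQL tokens are worth alerting on.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample lines in Apache "combined" format; these are not real logs
# from any deployment. Two hosts request /useredit.php, one of them with SQL payloads.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2025:12:00:01 +0000] "GET /useredit.php?uid=42 HTTP/1.1" 200 1812 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2025:12:00:02 +0000] "GET /useredit.php?uid=42%27%20OR%201%3D1--%20- HTTP/1.1" 200 9120 "-" "python-requests/2.31"
203.0.113.9 - - [10/Oct/2025:12:00:03 +0000] "GET /useredit.php?uid=42%20UNION%20SELECT%201%2C2%2C3%2C4-- HTTP/1.1" 500 311 "-" "python-requests/2.31"
203.0.113.9 - - [10/Oct/2025:12:00:04 +0000] "GET /useredit.php?uid=42%20AND%20SLEEP(5) HTTP/1.1" 200 1812 "-" "python-requests/2.31"
198.51.100.4 - - [10/Oct/2025:12:00:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# Fields of the combined log format we need: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Assumed token list: quote, comment openers, UNION/SELECT, OR/AND followed by a literal,
# and the usual time-based functions. Tune for your own false-positive tolerance.
SQLI_TOKENS = re.compile(
    r"(?i)('|--|/\*|\bunion\b|\bselect\b|\b(?:or|and)\b\s+[\d'(]|\bsleep\s*\(|\bbenchmark\s*\()"
)


def parse_line(line):
    """Parse one access-log line; return a dict with path and query, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = parse_qs(parts.query, keep_blank_values=True)  # values are URL-decoded here
    return rec


def classify_uid(value):
    """Return None for a benign integer uid, 'sql-syntax' if SQL tokens are present, else 'non-integer'."""
    decoded = unquote_plus(value)  # a second decode also catches double-encoded payloads
    if decoded.isdigit():
        return None
    if SQLI_TOKENS.search(decoded):
        return "sql-syntax"
    return "non-integer"


def scan(log_text, endpoint="/useredit.php"):
    """Walk the log; return (findings, requests_per_ip, server_error_count) for the endpoint."""
    findings, per_ip, errors = [], Counter(), 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["path"] != endpoint:
            continue
        per_ip[rec["ip"]] += 1
        if rec["status"].startswith("5"):
            errors += 1  # a 5xx on this endpoint often means a broken query, i.e. a probe that landed
        for raw in rec["query"].get("uid", []):
            reason = classify_uid(raw)
            if reason:
                findings.append({"ip": rec["ip"], "ts": rec["ts"], "status": rec["status"],
                                 "uid": unquote_plus(raw), "reason": reason})
    return findings, per_ip, errors


def surge_ips(per_ip, threshold):
    """Source addresses that hit the endpoint at least `threshold` times in the scanned window."""
    return sorted(ip for ip, n in per_ip.items() if n >= threshold)


if __name__ == "__main__":
    found, counts, err = scan(SAMPLE_LOG)
    for f in found:
        print(f"{f['ts']} {f['ip']} status={f['status']} {f['reason']}: uid={f['uid']!r}")
    print("5xx on endpoint:", err, "| high-volume sources:", surge_ips(counts, 3))
```

Run it over a real access log by replacing SAMPLE_LOG with the file contents; the per-IP counter is what you would feed a threshold alert, and the `sql-syntax` findings are the ones worth pivoting on first.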
Mitigation and prioritisation:
- Apply the vendor patch or upgrade to a fixed release as soon as one is available, as a change-management priority. If none is published, fix the query in /useredit.php directly.
- Use parameterised queries (prepared statements) and validate uid as a positive integer before it reaches the database; reject anything else.
- Run the web application under a least-privilege database account: read and write only to the tables it needs, with no file-system, administrative or schema-changing privileges and no access to other schemas.
- Deploy WAF rules for the endpoint and, where possible, restrict /useredit.php to authenticated or internal users; do not leave it reachable from the internet.
- Turn the detection ideas above into active monitoring, stage the incident response playbook, and verify remediation with a targeted test that sends a non-integer uid and confirms it is rejected rather than executed.
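The two code-level fixes above (parameterised queries and integer validation of uid) shown side by side with the bug class. This is an added example, not code from the affected project: Python with an in-memory sqlite3 database stands in for the PHP/MySQL original, and the users table is a constructed schema, not the application's real one. It shows that concatenating uid lets a tautology return every row and a UNION leak a server value, that a bound placeholder alone already defeats both, and that the integer check rejects the payload before any query runs.

```python
import sqlite3

# Constructed sample schema and rows: a stand-in for the application's own tables,
# which this example does not know. sqlite3 stands in for MySQL.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT, role TEXT);
        INSERT INTO users VALUES (1, 'alice', 'alice@example.com', 'admin');
        INSERT INTO users VALUES (2, 'bob',   'bob@example.com',   'user');
        INSERT INTO users VALUES (3, 'carol', 'carol@example.com', 'user');
    """)
    return conn


def fetch_user_vulnerable(conn, uid):
    """The bug class: the request value is concatenated into the SQL text and parsed as SQL."""
    sql = "SELECT id, username, email, role FROM users WHERE id = " + str(uid)
    return conn.execute(sql).fetchall()


def validate_uid(raw):
    """uid is a numeric key: accept only a positive integer, reject everything else."""
    s = str(raw).strip()
    if not s.isdigit() or int(s) == 0:
        raise ValueError("uid must be a positive integer")
    return int(s)


def fetch_user_parameterised(conn, uid):
    """Placeholder binding: whatever uid contains is compared as a value, never parsed as SQL."""
    return conn.execute(
        "SELECT id, username, email, role FROM users WHERE id = ?", (uid,)
    ).fetchall()


def fetch_user_safe(conn, raw_uid):
    """Both defences together: validate the type first, then bind the value."""
    return fetch_user_parameterised(conn, validate_uid(raw_uid))


# Two classic payloads for the uid argument (constructed for the example).
TAUTOLOGY = "1 OR 1=1"
UNION = "0 UNION SELECT 1, sqlite_version(), 'x', 'y'"


def demo():
    """Run each variant against the sample data and summarise what each one returns."""
    conn = build_db()
    out = {
        "vulnerable_tautology_rows": len(fetch_user_vulnerable(conn, TAUTOLOGY)),   # every user
        "vulnerable_union_leaks": fetch_user_vulnerable(conn, UNION)[0][1] != "",    # server version
        "param_tautology_rows": len(fetch_user_parameterised(conn, TAUTOLOGY)),     # nothing
        "safe_valid_user": fetch_user_safe(conn, "2")[0][1],                        # 'bob'
    }
    try:
        fetch_user_safe(conn, TAUTOLOGY)
        out["safe_rejected"] = False
    except ValueError:
        out["safe_rejected"] = True  # rejected before the database sees it
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The parameterised query is the fix that removes the vulnerability; the integer check is defence in depth that also gives you a clean 4xx to log and alert on instead of a silently empty result.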