CVE Alert: CVE-2025-12325 – SourceCodester – Best Salon Management System
CVE-2025-12325
A vulnerability has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
AI Summary Analysis
Risk verdict
High-risk remote SQL injection in the forgot-password flow; PoC is publicly available, warranting urgent attention.
Why this matters
Attackers can target credentials or expose sensitive user data without authenticating, potentially enabling password-reset abuse. Although the impact per asset is moderate, network reachability combined with a publicly disclosed PoC increases the likelihood of opportunistic exploitation across exposed deployments.
Most likely attack path
A remote attacker sends crafted input in the email parameter to the forgot-password endpoint, which requires neither authentication nor user interaction. The injected value reaches the database as part of the query, allowing unauthorized queries; data leakage or modification is bounded by the vulnerability's low confidentiality/integrity/availability impact, but account compromise at scale remains possible in poorly defended environments.
Who is most exposed
Self-hosted, internet-facing installations of the product in small to mid-sized organisations, especially those lacking input sanitisation, WAF protection, or properly restricted database user privileges.
Detection ideas
- Web server or application logs showing SQL or database error strings in responses to forgot-password requests.
- Anomalous, rapid requests to the endpoint with suspicious payloads.
- Increased DB query activity tied to the forgot-password flow.
- WAF/IPS alerts for SQL injection patterns on the email parameter.
- Unusual data returned in responses or password-reset event logs.
Mitigation and prioritisation
- Apply vendor patch or upgrade to fixed version; verify in a test environment first.
- Implement parameterised queries and input validation for all user-supplied fields in the forgot-password flow.
- Enforce least-privilege DB user accounts and separate application DB roles.
- Deploy WAF rules to block common SQL injection payloads; enable strict logging/alerting on this endpoint.
- Implement rate limiting and anomaly detection on the forgot-password function; validate change-management plan.
- If KEV is true or EPSS ≥ 0.5, treat as priority 1.
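As an added example (not code from Best Salon Management System or its vendor), the hardened form of the lookup a forgot-password flow performs: the email value is validated, the query is parameterised with PDO, and only a hash of the reset token is stored. The table and column names (`users`, `email`, `reset_token_hash`, `reset_expires`) and the PDO DSN are assumptions.

```php
<?php
// Added example, not the product's code. Assumed schema: table `users`
// with columns `id`, `email`, `reset_token_hash`, `reset_expires`.
//
// The unsafe pattern behind this class of bug splices the request value
// into the SQL text, so quotes or keywords in it change the statement:
//   $sql = "SELECT id FROM users WHERE email = '" . $_POST['email'] . "'";

function startPasswordReset(PDO $db, string $email): ?string
{
    // 1. Reject anything that is not a syntactically valid e-mail before it
    //    touches the database. Defence in depth; the prepared statement is the fix.
    if (strlen($email) > 254 || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    // 2. Parameterised query: the driver sends the value separately from the
    //    SQL text, so the email can never alter the statement's structure.
    $stmt = $db->prepare('SELECT id FROM users WHERE email = :email LIMIT 1');
    $stmt->execute([':email' => $email]);
    $userId = $stmt->fetchColumn();
    if ($userId === false) {
        // Caller shows the same generic "if the address exists, mail was sent"
        // message for null and for a token, so this does not enumerate accounts.
        return null;
    }

    // 3. Unguessable token; only its hash is stored, so reading the table
    //    (e.g. through a later injection) does not yield a usable reset link.
    $token = bin2hex(random_bytes(32));
    $update = $db->prepare(
        'UPDATE users SET reset_token_hash = :h, reset_expires = :exp WHERE id = :id'
    );
    $update->execute([
        ':h'   => hash('sha256', $token),
        ':exp' => date('Y-m-d H:i:s', time() + 15 * 60), // 15-minute validity
        ':id'  => $userId,
    ]);
    return $token; // caller e-mails this to the address on record
}

// Usage with an assumed DSN; the application DB user should hold only the
// SELECT/UPDATE rights on `users` that this flow needs (least privilege).
$db = new PDO('mysql:host=localhost;dbname=salon', 'salon_app', 'secret', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
]);
$token = startPasswordReset($db, $_POST['email'] ?? '');
```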