Hello Full Disclosure list,

I am sharing details of a newly assigned CVE affecting an open-source educational software project:

------------------------------------------------------------------------
CVE-2025-45542: Time-Based Blind SQL Injection in CloudClassroom PHP Project v1.0
------------------------------------------------------------------------

Product: CloudClassroom PHP Project
Vendor: https://github.com/mathurvishal/CloudClassroom-PHP-Project
Affected Version: v1.0
Vulnerability Type: SQL Injection
Attack Type: Remote
CVE ID: CVE-2025-45542
Discoverer: Sanjay Singh

Vulnerability Details:

A time-based blind SQL injection vulnerability exists in the `registrationform` endpoint of CloudClassroom-PHP-Project v1.0. The `pass` parameter is not properly sanitized, allowing an unauthenticated remote attacker to manipulate backend SQL logic and potentially extract sensitive information.

Proof of Concept:

The vulnerability can be exploited using a POST request with a crafted payload like:

`'XOR(if(now()=sysdate(),sleep(6),0))XOR'`

Impact:

Successful exploitation allows for:
- Arbitrary SQL execution
- Potential information disclosure
- Authentication bypass under certain conditions

Recommended Mitigations:
- Use prepared statements with parameterized queries
- Sanitize input with `mysqli_real_escape_string()` or similar
- Implement a Web Application Firewall (WAF)
- Enforce least privilege on the application’s DB user

References:
- GitHub: https://github.com/mathurvishal/CloudClassroom-PHP-Project
- Exploit-DB Submission (pending approval)
- GHDB Dork (submitted): `inurl:"CloudClassroom-PHP-Project-master" intitle:"Cloud Classroom"`

I have also submitted this to Exploit-DB and the Google Hacking Database to assist defenders and researchers.

Attached is a detailed advisory in plain text format.

Regards,
Sanjay Singh
https://www.linkedin.com/in/sanjay70023
https://gist.github.com/sanjay70023/63e9c32e49a0760eaa6b9e2a8ba8c966
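To illustrate the first recommended mitigation, here is an added example of a registration handler that binds the `pass` parameter with a mysqli prepared statement instead of concatenating it into the query; it is not CloudClassroom's own code, and the `users` table, its columns and the connection details are assumptions. The unsafe string-building pattern is shown in a comment for contrast only, and the DB user is assumed to hold only the INSERT privilege it needs.

```php
<?php
// Added example, not taken from CloudClassroom-PHP-Project.
// Assumed schema: users(username VARCHAR, pass_hash VARCHAR).
// Connection values below are placeholders.

// Unsafe pattern of the kind the advisory describes (for contrast only):
//   $sql = "INSERT INTO users (username, pass) VALUES ('$user', '$pass')";
//   $mysqli->query($sql);
// Here the contents of `pass` become part of the SQL text, so quotes or
// SQL functions inside it are executed rather than stored.

// Surface driver errors as exceptions instead of silently returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function register_user(mysqli $db, string $user, string $pass): bool
{
    // Store a password hash, never the clear-text password.
    $hash = password_hash($pass, PASSWORD_DEFAULT);

    // Prepared statement: the SQL text is fixed at prepare time and the
    // values travel separately as typed parameters, so whatever `pass`
    // contains is treated as data, never as SQL.
    $stmt = $db->prepare(
        'INSERT INTO users (username, pass_hash) VALUES (?, ?)'
    );
    $stmt->bind_param('ss', $user, $hash);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Least-privilege DB account (assumed): INSERT on users only.
$mysqli = new mysqli('localhost', 'cc_app', 'PLACEHOLDER_DB_PASSWORD', 'cloudclassroom');
$mysqli->set_charset('utf8mb4');

$user = trim($_POST['username'] ?? '');
$pass = $_POST['pass'] ?? '';
if ($user === '' || $pass === '') {
    http_response_code(400);
    exit('username and pass are required');
}

echo register_user($mysqli, $user, $pass) ? 'registered' : 'registration failed';
```

The matching login check should compare with `password_verify()` against the stored hash, again via a prepared statement, so the `pass` value never reaches the SQL text on either endpoint.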
Attachment:
CVE-2025-45542.txt
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/