A recently disclosed vulnerability in Code-Projects Job Recruitment 1. lets attackers exploit the platform with a classic SQL injection. The bug, registered as CVE-2025-0168, has drawn attention since its public disclosure and has serious implications for any deployment of this software. This post walks through the affected component, the attack vector, and how the flaw can be exploited, and closes with the fix.
Overview
The vulnerability lies in the /_parse/_feedback_system.php file of the Code-Projects Job Recruitment 1. platform. This file receives user input and processes feedback requests. The value of the "person" argument is spliced directly into a SQL statement, which leaves the application open to SQL injection. The bug is reachable remotely, so it is attractive to anyone looking for unauthorized access to, or exfiltration of, the data behind the site.
The following snippet illustrates the vulnerable pattern in _feedback_system.php:
// Vulnerable code in _feedback_system.php (illustrative; $conn is an open mysqli connection)
if (isset($_POST['person'])) {
    $person = $_POST['person'];                 // raw, attacker-controlled value
    // process feedback request: the value is interpolated straight into the SQL text
    $query = "SELECT * FROM feedback WHERE person='$person'";
    $result = mysqli_query($conn, $query);      // the database parses whatever the user sent
    ...
}
As the snippet shows, $person is taken directly from user input ($_POST['person']) and interpolated into the query string with neither validation nor parameterization. Anything the attacker places in that field becomes part of the SQL text the database parses and executes.
Exploit Details
The exploit consists of sending a crafted value in the $_POST['person'] field. For example, an attacker could submit:
' OR '1'='1
With this input the application builds the following query:
SELECT * FROM feedback WHERE person='' OR '1'='1'
The WHERE clause is now always true, so the query returns every row in the feedback table instead of the rows for one person. Depending on how the result is rendered and on the privileges of the database account, the same entry point can be used for more complex statements, for example UNION-based reads of other tables. Note that mysqli_query() executes a single statement, so stacked queries (appending a second statement after a semicolon) are not available through this call; the injection has to stay inside the one SELECT.
Mitigation
The correct fix is to stop building SQL from strings and use prepared statements with bound parameters, so that the SQL text and the user-supplied value are sent to the database separately. Input validation is a useful secondary control but is not a substitute. Here is how the vulnerable code can be rewritten with a prepared statement:
// Fixed code using a prepared statement ($conn is an open mysqli connection)
if (isset($_POST['person'])) {
    $person = $_POST['person'];
    // process feedback request: SQL text and data travel to the server separately
    $stmt = $conn->prepare("SELECT * FROM feedback WHERE person=?");
    if ($stmt === false) {
        // log $conn->error server-side; do not echo it to the client
        exit('Query preparation failed');
    }
    $stmt->bind_param("s", $person);   // "s": bind as a string; the value is never parsed as SQL
    $stmt->execute();
    $result = $stmt->get_result();     // same result object mysqli_query() returned (needs mysqlnd)
    ...
}
Here the query text is sent to the server with a placeholder, and $person is bound to it as a string parameter. The input is not "sanitized"; it simply never reaches the SQL parser, so a value such as ' OR '1'='1 is compared literally against the person column and matches nothing.
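The following Python script is an added example, not code from the page or from the Job Recruitment project. It reproduces both the exploit section and the fix above against a local SQLite database with constructed rows: a lookup that interpolates the value into the SQL text (the vulnerable pattern) and one that binds it as a parameter (the fix). It goes beyond the page's single payload by also running a constructed UNION payload against a hypothetical users table, to show why a tautology in one query can expose data from other tables. The schema, rows and hash strings are all invented for the demo.

```python
import sqlite3

# Constructed sample data standing in for the application's feedback table.
# Only the "person" column is taken from the advisory; the rest is assumed.
FEEDBACK_ROWS = [
    ("alice", "Great platform"),
    ("bob", "Job alerts arrive late"),
    ("carol", "Please add a remote-work filter"),
]
# Hypothetical second table, present only to show cross-table reads.
USER_ROWS = [
    ("admin", "constructed-hash-1"),
    ("hr_manager", "constructed-hash-2"),
]

# Payload quoted on the page: closes the string literal, then adds a tautology.
TAUTOLOGY_PAYLOAD = "' OR '1'='1"
# Constructed UNION payload: the trailing "-- " comments out the closing quote
# that the application appends after the injected value (MySQL needs the space).
UNION_PAYLOAD = "' UNION SELECT username, password_hash FROM users -- "


def make_db():
    """Build the in-memory database with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE feedback (person TEXT, message TEXT)")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO feedback VALUES (?, ?)", FEEDBACK_ROWS)
    conn.executemany("INSERT INTO users VALUES (?, ?)", USER_ROWS)
    return conn


def vulnerable_lookup(conn, person):
    """Mirror of the vulnerable PHP: the value is spliced into the SQL text."""
    query = f"SELECT person, message FROM feedback WHERE person='{person}'"
    return conn.execute(query).fetchall()


def safe_lookup(conn, person):
    """Mirror of the fixed PHP: the value travels as a bound parameter."""
    return conn.execute(
        "SELECT person, message FROM feedback WHERE person=?", (person,)
    ).fetchall()


def run_demo():
    """Run both lookups with a benign value and with each payload."""
    conn = make_db()
    results = {
        "vuln_benign": vulnerable_lookup(conn, "alice"),
        "vuln_tautology": vulnerable_lookup(conn, TAUTOLOGY_PAYLOAD),
        "vuln_union": vulnerable_lookup(conn, UNION_PAYLOAD),
        "safe_benign": safe_lookup(conn, "alice"),
        "safe_tautology": safe_lookup(conn, TAUTOLOGY_PAYLOAD),
        "safe_union": safe_lookup(conn, UNION_PAYLOAD),
    }
    conn.close()
    return results


if __name__ == "__main__":
    for name, rows in run_demo().items():
        print(f"{name}: {len(rows)} row(s) -> {rows}")
```

Running it shows the tautology payload returning all three feedback rows and the UNION payload returning the two rows of the hypothetical users table through the vulnerable lookup, while the parameterized lookup returns no rows for either payload because each is compared literally against the person column. SQLite is used here so the script runs offline; the two payloads have the same effect on MySQL, which is why the UNION payload keeps a space after the comment marker.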
For more information on the vulnerability, refer to the following resources:
1. CVE-2025-0168 Official Entry
2. Code-Projects Job Recruitment 1. Documentation
Conclusion
This post has covered CVE-2025-0168, a SQL injection in the feedback handler of Code-Projects Job Recruitment 1. Because the exploit details are public, anyone running this platform should apply a fix promptly: replace string-built queries with prepared statements as shown above, and treat input validation as a secondary layer rather than the primary defence.
Timeline
Published on: 01/01/2025 14:15:23 UTC
Last modified on: 02/25/2025 21:26:07 UTC