
CVE-2025-13254: Advanced Library Management System SQLi

CVE-2025-13254 is a SQL injection vulnerability in Projectworlds Advanced Library Management System 1.0 affecting the add_member.php file. This article covers technical details, affected versions, security impact, and mitigation.

CVE-2025-13254 Overview

CVE-2025-13254 is a SQL injection vulnerability in Projectworlds Advanced Library Management System version 1.0. The flaw resides in the /add_member.php script, where the roll_number parameter is passed to the backend database without proper sanitization. Attackers can manipulate this argument to inject arbitrary SQL statements against the underlying database.

The vulnerability is remotely exploitable over the network and requires only low-privileged credentials on the application. A public exploit has been disclosed, increasing the likelihood of opportunistic abuse against exposed instances. The issue is tracked under [CWE-89] Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') and its parent [CWE-74] Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection').

Critical Impact

Authenticated remote attackers can inject SQL queries through the roll_number parameter in /add_member.php, enabling unauthorized read and write access to library database records.

Affected Products

  • Projectworlds Advanced Library Management System 1.0
  • CPE: cpe:2.3:a:projectworlds:advanced_library_management_system:1.0
  • Component: add_member.php (roll_number parameter)

Discovery Timeline

  • 2025-11-17 - CVE-2025-13254 published to NVD
  • 2026-04-29 - Last updated in NVD database

Technical Details for CVE-2025-13254

Vulnerability Analysis

The vulnerability exists in the member registration workflow of Projectworlds Advanced Library Management System 1.0. The /add_member.php endpoint accepts a roll_number parameter and incorporates it directly into a SQL statement without parameterization or input validation. Attackers submit crafted values for roll_number that break out of the intended query context.

Because exploitation occurs over the network and requires only low-privileged credentials, any authenticated user of the library application can target the database. The publicly available proof of concept lowers the barrier for opportunistic attackers scanning for vulnerable Projectworlds deployments.

Root Cause

The root cause is improper neutralization of special elements used in an SQL command [CWE-89]. The application concatenates user-supplied input from the roll_number field into a SQL query string rather than using prepared statements or parameterized queries. PHP code in add_member.php passes the raw POST or GET value into mysqli_query() or an equivalent database call.

Attack Vector

An authenticated attacker sends an HTTP request to /add_member.php with a malicious payload supplied through the roll_number parameter. Typical SQL injection payloads include boolean-based, union-based, and time-based blind techniques. Successful exploitation allows extraction of database contents, modification of member records, or pivoting to administrative functions. Technical details and a proof of concept are documented in the GitHub CVE Report and VulDB entry #332589.

Detection Methods for CVE-2025-13254

Indicators of Compromise

  • HTTP POST or GET requests to /add_member.php containing SQL metacharacters such as single quotes, UNION SELECT, SLEEP(, --, or OR 1=1 in the roll_number field.
  • Database errors logged by the web application referencing the roll_number column or the member table.
  • Unexpected new rows, modified entries, or privilege changes in the library member database tables.
  • Outbound DNS or HTTP callbacks originating from the database server during member registration activity.

Detection Strategies

  • Deploy web application firewall rules that flag SQL injection signatures targeting the roll_number parameter on /add_member.php.
  • Enable database query logging and alert on syntactically anomalous statements originating from the library application user.
  • Correlate web server access logs with database audit logs to identify suspicious sequences of failed and successful queries from the same source IP.

Monitoring Recommendations

  • Monitor authentication logs for low-privilege accounts performing repeated requests to /add_member.php from a single IP address.
  • Track HTTP 500 response rates on the member registration endpoint as an early indicator of injection probing.
  • Baseline normal query patterns for the library database and alert on deviations such as INFORMATION_SCHEMA access.
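The following script is an added example (not part of this advisory and not code from Projectworlds) that applies the indicators above to web server access log lines: it decodes the roll_number value on requests to /add_member.php, matches it against the SQL metacharacter patterns from the Indicators of Compromise list, and counts HTTP 500 responses per source address as suggested under Monitoring Recommendations. The log lines are constructed, and the combined log format with the query string in the request line is an assumption about the deployment.

```php
<?php
// Added example: scan access log lines for CVE-2025-13254 indicators.
// The five log lines below are constructed for the demonstration.
$sampleLog = <<<'LOG'
10.0.0.5 - alice [17/Nov/2025:10:01:02 +0000] "GET /add_member.php?roll_number=2024-0117 HTTP/1.1" 200 512
10.0.0.9 - bob [17/Nov/2025:10:02:11 +0000] "GET /add_member.php?roll_number=1%27%20OR%201%3D1--%20 HTTP/1.1" 500 88
10.0.0.9 - bob [17/Nov/2025:10:02:15 +0000] "GET /add_member.php?roll_number=1%27%20UNION%20SELECT%201%2C2%2C3--%20 HTTP/1.1" 500 88
10.0.0.9 - bob [17/Nov/2025:10:02:20 +0000] "GET /add_member.php?roll_number=1%27%20AND%20SLEEP%285%29--%20 HTTP/1.1" 200 512
10.0.0.5 - alice [17/Nov/2025:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 2048
LOG;

// Patterns taken from the Indicators of Compromise section, applied to the
// URL-decoded roll_number value (not to the raw, percent-encoded request line).
$patterns = [
    'single_quote' => "/'/",
    'union_select' => '/\bUNION\b\s+(ALL\s+)?SELECT\b/i',
    'sleep_call'   => '/\bSLEEP\s*\(/i',
    'sql_comment'  => '/--/',
    'tautology'    => '/\bOR\s+1\s*=\s*1\b/i',
];

// Parse one combined-format line; return null for lines that are not
// requests to /add_member.php.
function analyseLine(string $line, array $patterns): ?array
{
    $re = '/^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    $ip = $m[1]; $user = $m[2]; $target = $m[4]; $status = (int) $m[5];
    if (parse_url($target, PHP_URL_PATH) !== '/add_member.php') {
        return null;
    }
    parse_str((string) parse_url($target, PHP_URL_QUERY), $params); // decodes %xx
    $roll = (string) ($params['roll_number'] ?? '');
    $hits = [];
    foreach ($patterns as $name => $pattern) {
        if (preg_match($pattern, $roll)) {
            $hits[] = $name;
        }
    }
    return ['ip' => $ip, 'user' => $user, 'status' => $status,
            'roll_number' => $roll, 'hits' => $hits];
}

$errorsPerIp = [];
foreach (explode("\n", $sampleLog) as $line) {
    $r = analyseLine($line, $patterns);
    if ($r === null) {
        continue;
    }
    if ($r['status'] >= 500) {
        $errorsPerIp[$r['ip']] = ($errorsPerIp[$r['ip']] ?? 0) + 1;
    }
    if ($r['hits'] !== []) {
        printf("ALERT %s user=%s status=%d roll_number=%s indicators=%s\n",
            $r['ip'], $r['user'], $r['status'], $r['roll_number'],
            implode(',', $r['hits']));
    }
}
// Repeated server errors on the registration endpoint from one source address
// are the early probing signal described under Monitoring Recommendations.
foreach ($errorsPerIp as $ip => $count) {
    if ($count >= 2) {
        printf("NOTICE %s caused %d HTTP 500 responses on /add_member.php\n", $ip, $count);
    }
}
```

Run with `php scan.php` against the embedded sample; replace `$sampleLog` with `file_get_contents()` of the real log for a one-off review. One caveat: access logs only record the query string, so payloads sent in a POST body are invisible here, which is why the advisory pairs this with database query logging and application error logs.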

How to Mitigate CVE-2025-13254

Immediate Actions Required

  • Restrict network access to the Projectworlds Advanced Library Management System using firewall rules or VPN-only access until a patch is available.
  • Revoke or rotate credentials for any low-privilege accounts that are not strictly required to use the application.
  • Review web server and database logs for prior exploitation attempts against /add_member.php.

Patch Information

No vendor patch is referenced in the NVD entry at the time of publication. Administrators should monitor the Projectworlds vendor channels and the VulDB advisory for updated guidance. If the application is used in a learning or non-production context, consider decommissioning the deployment.

Workarounds

  • Apply a web application firewall rule that blocks SQL metacharacters in the roll_number parameter on requests to /add_member.php.
  • Modify the source of add_member.php to use prepared statements with bound parameters via mysqli_prepare() or PDO equivalents.
  • Enforce least-privilege database accounts so the application user cannot read or modify tables outside the library schema.
  • Disable the member registration feature in production deployments where it is not required.
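As an added example that is not code from the Projectworlds application, the fragment below shows the concatenation pattern described under Root Cause next to a hardened handler that uses mysqli_prepare() with bound parameters, as the workaround above recommends. The table and column names (members, roll_number, name), the roll number format, and the connection details are assumptions and must be adapted to the real add_member.php schema.

```php
<?php
// Added example, not the project's own code. Schema and credentials are placeholders.

// --- Vulnerable pattern (as described in the Root Cause section) ---------------
// The user-supplied value is spliced into the SQL text, so a single quote in
// roll_number ends the string literal and the remainder is parsed as SQL.
function addMemberVulnerable(mysqli $db, string $rollNumber, string $name): bool
{
    $sql = "INSERT INTO members (roll_number, name) VALUES ('" . $rollNumber . "', '" . $name . "')";
    return (bool) mysqli_query($db, $sql);
}

// --- Hardened version ----------------------------------------------------------
// Allow-list validation first (assumed format: 4-12 letters, digits or hyphens).
// This is defence in depth; the prepared statement is what prevents injection.
function validateRollNumber(string $rollNumber): ?string
{
    return preg_match('/^[A-Za-z0-9-]{4,12}$/', $rollNumber) === 1 ? $rollNumber : null;
}

function addMemberSafe(mysqli $db, string $rollNumber, string $name): bool
{
    $roll = validateRollNumber($rollNumber);
    if ($roll === null || $name === '' || strlen($name) > 100) {
        return false;
    }
    // The SQL structure is fixed before any user data is bound, so the server
    // treats roll_number and name strictly as values, never as query text.
    $stmt = mysqli_prepare($db, 'INSERT INTO members (roll_number, name) VALUES (?, ?)');
    if ($stmt === false) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, 'ss', $roll, $name);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    return $ok;
}

// Request handling as it would sit in add_member.php: accept POST only, so the
// GET variant of the attack vector is rejected before any query runs.
if (PHP_SAPI !== 'cli' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // Placeholder credentials; the account should hold only the privileges
    // add_member.php needs on the library schema (least privilege).
    $db = mysqli_connect('localhost', 'library_app', 'CHANGE_ME', 'library');
    if ($db === false) {
        http_response_code(500);
        exit('database unavailable');
    }
    mysqli_set_charset($db, 'utf8mb4');
    $ok = addMemberSafe($db, (string) ($_POST['roll_number'] ?? ''), (string) ($_POST['name'] ?? ''));
    http_response_code($ok ? 200 : 400);
    echo $ok ? 'member added' : 'invalid member data';
}
```

Returning a generic 400 on validation failure, rather than echoing the database error, also removes the error-message feedback that boolean-based and error-based probing rely on, and it keeps the HTTP 500 rate on the endpoint meaningful as the monitoring signal described earlier.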

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
