CVE-2025-13302: SQL Injection in code-projects Courier Management System
CVE-2025-13302 is a medium-severity SQL injection vulnerability affecting version 1. 0 of the code-projects Courier Management System. The flaw exists in the /add-new-officer. php file, where the ManagerName parameter is improperly sanitized, allowing remote attackers to inject malicious SQL commands. Exploitation requires no user interaction but does require high privileges, limiting attack vectors. Although no known exploits are currently in the wild, a public exploit is available, increasing risk. The vulnerability could lead to unauthorized data access or modification, impacting confidentiality, integrity, and availability of the system. European organizations using this software, especially logistics and courier services, could face data breaches or operational disruptions. Mitigation involves applying patches when available, implementing strict input validation, and restricting database user privileges. Countries with significant logistics sectors and adoption of this software, such as Germany, France, and the UK, are most likely to be affected.
AI Analysis
Technical Summary
CVE-2025-13302 identifies a SQL injection vulnerability in the Courier Management System version 1.0 developed by code-projects. The vulnerability resides in the /add-new-officer.php script, specifically in the handling of the ManagerName parameter. Due to insufficient input validation or sanitization, an attacker with high privileges can inject arbitrary SQL commands remotely, potentially manipulating the backend database. This could allow unauthorized retrieval, modification, or deletion of sensitive data stored within the system. The vulnerability does not require user interaction but does require the attacker to have elevated privileges, which limits the attack surface to insiders or compromised accounts. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no authentication required (AT:N), but high privileges (PR:H) are necessary. The impact on confidentiality, integrity, and availability is low to medium, reflecting limited scope and privilege requirements. No patches have been published yet, and no known exploits are actively used in the wild, but a public exploit exists, increasing the risk of exploitation. The Courier Management System is typically used by logistics and courier companies to manage personnel and operations, making the data involved sensitive and critical to business continuity.
Potential Impact
For European organizations, particularly those in the logistics and courier sectors, exploitation of this vulnerability could lead to unauthorized access to employee or operational data, manipulation of records, and potential disruption of courier services. This could result in data breaches involving personal or business-critical information, regulatory non-compliance (e.g., GDPR violations), and reputational damage. Operational disruptions could affect delivery schedules and customer satisfaction. Since the vulnerability requires high privileges, the risk is higher from insider threats or attackers who have already compromised privileged accounts. The availability of a public exploit increases the likelihood of opportunistic attacks if the system remains unpatched. Organizations relying on this software without adequate compensating controls are at increased risk.
Mitigation Recommendations
1. Monitor vendor communications closely and apply security patches immediately once available. 2. Implement strict input validation and sanitization on all user-supplied data, especially parameters like ManagerName. 3. Enforce the principle of least privilege by restricting database user permissions to only what is necessary for application functionality. 4. Conduct regular audits of user accounts and privileges to detect and remove unnecessary high-privilege access. 5. Employ web application firewalls (WAFs) configured to detect and block SQL injection attempts targeting the vulnerable endpoint. 6. Monitor logs for suspicious database queries or unusual activity related to /add-new-officer.php. 7. Educate internal users about the risks of credential compromise and enforce strong authentication mechanisms to reduce insider threat risks. 8. Consider network segmentation to isolate critical systems and limit exposure.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain
CVE-2025-13302: SQL Injection in code-projects Courier Management System
Description
CVE-2025-13302 is a medium-severity SQL injection vulnerability affecting version 1. 0 of the code-projects Courier Management System. The flaw exists in the /add-new-officer. php file, where the ManagerName parameter is improperly sanitized, allowing remote attackers to inject malicious SQL commands. Exploitation requires no user interaction but does require high privileges, limiting attack vectors. Although no known exploits are currently in the wild, a public exploit is available, increasing risk. The vulnerability could lead to unauthorized data access or modification, impacting confidentiality, integrity, and availability of the system. European organizations using this software, especially logistics and courier services, could face data breaches or operational disruptions. Mitigation involves applying patches when available, implementing strict input validation, and restricting database user privileges. Countries with significant logistics sectors and adoption of this software, such as Germany, France, and the UK, are most likely to be affected.
AI-Powered Analysis
Technical Analysis
CVE-2025-13302 identifies a SQL injection vulnerability in the Courier Management System version 1.0 developed by code-projects. The vulnerability resides in the /add-new-officer.php script, specifically in the handling of the ManagerName parameter. Due to insufficient input validation or sanitization, an attacker with high privileges can inject arbitrary SQL commands remotely, potentially manipulating the backend database. This could allow unauthorized retrieval, modification, or deletion of sensitive data stored within the system. The vulnerability does not require user interaction but does require the attacker to have elevated privileges, which limits the attack surface to insiders or compromised accounts. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no authentication required (AT:N), but high privileges (PR:H) are necessary. The impact on confidentiality, integrity, and availability is low to medium, reflecting limited scope and privilege requirements. No patches have been published yet, and no known exploits are actively used in the wild, but a public exploit exists, increasing the risk of exploitation. The Courier Management System is typically used by logistics and courier companies to manage personnel and operations, making the data involved sensitive and critical to business continuity.
Potential Impact
For European organizations, particularly those in the logistics and courier sectors, exploitation of this vulnerability could lead to unauthorized access to employee or operational data, manipulation of records, and potential disruption of courier services. This could result in data breaches involving personal or business-critical information, regulatory non-compliance (e.g., GDPR violations), and reputational damage. Operational disruptions could affect delivery schedules and customer satisfaction. Since the vulnerability requires high privileges, the risk is higher from insider threats or attackers who have already compromised privileged accounts. The availability of a public exploit increases the likelihood of opportunistic attacks if the system remains unpatched. Organizations relying on this software without adequate compensating controls are at increased risk.
Mitigation Recommendations
1. Monitor vendor communications closely and apply security patches immediately once available. 2. Implement strict input validation and sanitization on all user-supplied data, especially parameters like ManagerName. 3. Enforce the principle of least privilege by restricting database user permissions to only what is necessary for application functionality. 4. Conduct regular audits of user accounts and privileges to detect and remove unnecessary high-privilege access. 5. Employ web application firewalls (WAFs) configured to detect and block SQL injection attempts targeting the vulnerable endpoint. 6. Monitor logs for suspicious database queries or unusual activity related to /add-new-officer.php. 7. Educate internal users about the risks of credential compromise and enforce strong authentication mechanisms to reduce insider threat risks. 8. Consider network segmentation to isolate critical systems and limit exposure.
Affected Countries
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-11-17T14:10:10.707Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 691b98f601a6b16707f49d42
Added to database: 11/17/2025, 9:51:50 PM
Last enriched: 11/24/2025, 10:16:15 PM
Last updated: 1/7/2026, 6:07:52 AM
Views: 440
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-14835: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in opajaap WP Photo Album Plus
HighCVE-2026-0650: CWE-306 Missing Authentication for Critical Function in OpenFlagr Flagr
CriticalCVE-2025-15474: CWE-770 Allocation of Resources Without Limits or Throttling in AuntyFey AuntyFey Smart Combination Lock
MediumCVE-2025-14468: CWE-352 Cross-Site Request Forgery (CSRF) in mohammed_kaludi AMP for WP – Accelerated Mobile Pages
MediumCVE-2025-9611: CWE-749 Exposed Dangerous Method or Function in Microsoft Playwright
HighActions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.