CVE-2025-13811: SQL Injection in jsnjfz WebStack-Guns
A vulnerability was determined in jsnjfz WebStack-Guns 1.0. It affects unknown code in the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Manipulating the argument sort leads to SQL injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-13811 is a SQL injection vulnerability in jsnjfz WebStack-Guns 1.0, located in src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. The 'sort' request parameter is incorporated into a SQL statement without validation or parameterization, so a crafted value changes the meaning of the query and can expose, modify or delete any data reachable through the application's database account. The vulnerability is exploitable over the network with low privileges and no user interaction, which makes scripted exploitation practical. Exploit details are public, and the vendor was contacted early but has neither responded nor released a fix. The CVSS 4.0 base score is 5.3 (medium). Only version 1.0 of WebStack-Guns, a Java web application, is listed as affected; public exploit availability combined with the lack of a patch means operators must mitigate on their own.
Potential Impact
Successful exploitation lets an attacker read, alter or delete data through the application's database connection, affecting the confidentiality, integrity and availability of the backing database and of the application that depends on it. The practical blast radius is bounded by what the application's database account is allowed to do: a least-privilege account limits damage to the application's own tables, while an over-privileged one exposes other schemas on the same server. Because the attack is remote, needs no user interaction and requires only low privileges, it can be scripted and run at scale against every reachable instance. With no vendor patch available, exposure persists until operators apply their own mitigations, and publicly known vulnerabilities of this kind are routinely folded into broad scanning. The medium CVSS score reflects limited per-component impact; real-world consequences depend on the sensitivity of the stored data, on how the instance is exposed, and on any compliance obligations attached to that data.
Mitigation Recommendations
No vendor fix is available, so operators must mitigate themselves. Because a 'sort' parameter normally names an ORDER BY column, it cannot be passed as a bind variable: the correct fix is to map the request value against an allow-list of permitted column names and to accept only ASC or DESC for the direction, rejecting anything else rather than forwarding it to the database. Use prepared statements or bound parameters for every other user-supplied value; if the application uses MyBatis-style mappers, ${...} substitution of request data carries the same risk as string concatenation and should be replaced. If the source can be modified, apply this in PageFactory.java and in any mapper that consumes the sort value. Until then, add a WAF or reverse-proxy rule that rejects requests whose sort or order value contains characters other than letters, digits and underscores, and alert on such requests in access logs. Run the application's database account with the minimum privileges its tables require. Review database and application logs for unexpected ORDER BY clauses, SQL syntax errors or bursts of failed queries as indicators of attempted exploitation, and have an incident response plan ready for a confirmed compromise. Plan to migrate to a fixed release, or to an alternative product if none is issued.
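The following is an added example, not code from WebStack-Guns or from the vendor, showing the concatenation pattern described in the technical summary beside the allow-list fix recommended above. The class, method and column names (site, create_time, and so on) are assumptions chosen for illustration; the hostile input is constructed for the demonstration and is not the published exploit for this CVE.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

/**
 * Added illustration of PageFactory-style "sort" handling (hypothetical
 * names, not the project's code). Run with: java PageSortExample.java
 */
public class PageSortExample {

    // Vulnerable pattern: the request's "sort" value is spliced straight into
    // the ORDER BY clause. A bind parameter cannot carry a column name, which
    // is why code often falls back to concatenation at exactly this point.
    static String vulnerableQuery(String sort, String order) {
        return "SELECT id, name FROM site ORDER BY " + sort + " " + order;
    }

    // Hardened pattern: the request value is only ever a lookup key into a
    // table of columns the application itself defines; the direction is
    // normalised to ASC/DESC. Anything else is rejected, not forwarded.
    static final Map<String, String> SORTABLE = Map.of(
            "id", "id",
            "name", "name",
            "created", "create_time");   // request alias -> real column

    static final Set<String> DIRECTIONS = Set.of("ASC", "DESC");

    static String safeQuery(String sort, String order) {
        String column = SORTABLE.get(sort == null ? "id" : sort);
        if (column == null) {
            throw new IllegalArgumentException("unsupported sort column: " + sort);
        }
        String dir = order == null ? "ASC" : order.toUpperCase(Locale.ROOT);
        if (!DIRECTIONS.contains(dir)) {
            throw new IllegalArgumentException("unsupported sort order: " + order);
        }
        return "SELECT id, name FROM site ORDER BY " + column + " " + dir;
    }

    // The same rule a WAF or log filter can apply at the edge: a legitimate
    // sort value is a plain identifier and nothing more.
    static final Pattern IDENTIFIER = Pattern.compile("^[A-Za-z_][A-Za-z0-9_]*$");

    static boolean looksLikeIdentifier(String value) {
        return value != null && IDENTIFIER.matcher(value).matches();
    }

    public static void main(String[] args) {
        // Constructed input shaped like a client-controlled ?sort=... value.
        String hostile = "id; DROP TABLE site --";

        System.out.println("vulnerable: " + vulnerableQuery(hostile, "ASC"));
        System.out.println("edge check: " + looksLikeIdentifier(hostile)
                + " (legit 'created' -> " + looksLikeIdentifier("created") + ")");
        System.out.println("safe:       " + safeQuery("created", "desc"));
        try {
            safeQuery(hostile, "ASC");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected:   " + e.getMessage());
        }
    }
}
```

The allow-list is the real control here: the edge identifier check only narrows the input shape and is a stopgap until the code is fixed, since a valid identifier can still name a column the application never meant to expose for sorting.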
Affected Countries
China, United States, India, Germany, Brazil, Russia, South Korea, Japan, United Kingdom, France
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2025-11-30T17:05:06.347Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 692d3b0e0729cca2073502d8
Added to database: 12/1/2025, 6:51:58 AM
Last enriched: 2/24/2026, 10:13:01 PM
Last updated: 3/24/2026, 1:59:08 PM
Views: 134