
CVE-2025-7197: SQL Injection in code-projects Jonnys Liquor

Medium
Tags: Vulnerability, CVE-2025-7197
Published: Tue Jul 08 2025 (07/08/2025, 21:32:05 UTC)
Source: CVE Database V5
Vendor/Project: code-projects
Product: Jonnys Liquor

Description

A vulnerability classified as critical has been found in code-projects Jonnys Liquor 1.0. This affects an unknown part of the file /admin/delete-row.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/15/2025, 21:55:25 UTC

Technical Analysis

CVE-2025-7197 is a SQL injection vulnerability in version 1.0 of Jonnys Liquor, a code-projects application. The flaw is in /admin/delete-row.php, which uses the 'ID' request parameter in a SQL statement without sanitising it. Because the value is parsed as part of the query rather than bound as data, a remote attacker who can reach the script can change the statement it executes, gaining unauthorized access to or modification of the backend database.

The CVSS 4.0 base score is 6.9 (medium). The vector (AV:N/AC:L/AT:N/PR:N/UI:N) records a network attack of low complexity with no attack prerequisites, no privileges and no user interaction; the confidentiality, integrity and availability impacts are each rated low, and their combination produces the medium rating. The script sits under /admin/, and the vector rates it as reachable without privileges; deployments should verify whether the script actually enforces an admin session rather than assuming either way. A public proof of concept has been disclosed, but no exploitation in the wild had been reported at the time of analysis, and no vendor patch or mitigation has been published. Because the vulnerable script is an administrative deletion handler, the most direct consequence of exploitation is unauthorized deletion or modification of database records, which can disrupt business operations; exposure of sensitive data is also possible.
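The pattern the analysis describes, and the prepared-statement fix the Mitigation Recommendations below call for, as an added example. This is not code from the Jonnys Liquor project or from the advisory: the vulnerable handler is a hypothetical reconstruction of "ID concatenated into a DELETE", and the table name `products`, the session key `admin_id` and the in-memory SQLite database are assumptions made so the file runs stand-alone with `php example.php` (requires the pdo_sqlite extension).

```php
<?php
// Added example, not code from the Jonnys Liquor project. The vulnerable
// handler is a hypothetical reconstruction of the pattern the advisory
// describes (the ID argument concatenated into a DELETE statement); the
// table name `products`, the session key `admin_id` and the in-memory
// SQLite database are assumptions made so the file runs stand-alone.

// --- Vulnerable pattern (what the advisory describes; do not deploy) ---------
function delete_row_vulnerable(PDO $db, array $get): int
{
    // The request parameter is spliced straight into the SQL text, so
    // ?ID=1 OR 1=1  becomes  DELETE FROM products WHERE id = 1 OR 1=1
    $sql = 'DELETE FROM products WHERE id = ' . ($get['ID'] ?? '');
    return $db->exec($sql);   // number of affected rows
}

// --- Hardened handler --------------------------------------------------------
// Returns ['status' => HTTP-style code, 'deleted' => affected rows].
function delete_row_hardened(PDO $db, array $get, array $session): array
{
    // 1. The script lives under /admin/: refuse unless an admin session exists.
    if (empty($session['admin_id'])) {
        return ['status' => 403, 'deleted' => 0];
    }
    // 2. Reject anything that is not a positive integer before it reaches SQL.
    $id = filter_var($get['ID'] ?? '', FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return ['status' => 400, 'deleted' => 0];
    }
    // 3. Prepared statement: the value is bound as data, never parsed as SQL.
    $stmt = $db->prepare('DELETE FROM products WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return ['status' => 200, 'deleted' => $stmt->rowCount()];
}

// --- Demo on an in-memory SQLite database (constructed data) -----------------
function fresh_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
    $db->exec("INSERT INTO products (name) VALUES ('gin'), ('rum'), ('whisky')");
    return $db;
}

function count_products(PDO $db): int
{
    return (int) $db->query('SELECT COUNT(*) FROM products')->fetchColumn();
}

function demo(): array
{
    $payload = ['ID' => '1 OR 1=1'];   // what ?ID=1%20OR%201%3D1 decodes to
    $admin   = ['admin_id' => 7];      // constructed admin session

    $db = fresh_db();
    $wiped = delete_row_vulnerable($db, $payload);                // 3: whole table

    $db = fresh_db();
    $rejected = delete_row_hardened($db, $payload, $admin);       // 400, 0 deleted
    $unauth   = delete_row_hardened($db, ['ID' => '2'], []);      // 403, 0 deleted
    $ok       = delete_row_hardened($db, ['ID' => '2'], $admin);  // 200, 1 deleted

    return [
        'vulnerable_deleted'  => $wiped,
        'hardened_injection'  => $rejected['status'],
        'hardened_no_session' => $unauth['status'],
        'hardened_ok_deleted' => $ok['deleted'],
        'rows_left'           => count_products($db),             // 2
    ];
}

if (PHP_SAPI === 'cli') {
    print_r(demo());
}
```

The demo shows the difference in one run: the concatenating handler deletes all three rows for the injected value, while the hardened one returns 400 for it, 403 without a session, and removes exactly one row for a legitimate ID. Casting with `(int)` would also close this particular hole because the column is numeric, but binding the parameter is the fix that generalises to string columns and to every other query in the application.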

Potential Impact

For European organizations running Jonnys Liquor 1.0, the practical risk is higher than the medium score alone suggests. The injection is reachable remotely and, according to the published vector, without authentication, so an attacker could read, alter or delete business data held in the backend database. Where that data includes personal data such as customer or order records, a breach also carries GDPR obligations alongside the operational and reputational damage. Because the vulnerable endpoint is an administrative deletion handler, the most likely outcome of exploitation is destructive: records removed or altered rather than merely disclosed. The public proof of concept lowers the effort required, so unpatched internet-facing installations should be treated as likely targets. Organizations that rely on this software for inventory, sales or customer management should prioritise it accordingly.

Mitigation Recommendations

No official patch is available, so European organizations should apply compensating controls now. Restrict access to /admin/delete-row.php, and preferably to the whole /admin/ directory, at the network or web-server layer (firewall rules, VPN-only access, or an allow-list of administrator addresses) so the script is not reachable from the internet. Where source access is available, fix the code itself: validate the 'ID' parameter as a positive integer and pass it to the database through a prepared statement with a bound parameter instead of string concatenation; stored procedures help only if they do not themselves build dynamic SQL from the argument. Confirm that the script enforces an authenticated admin session, since the published vector treats it as reachable without privileges. Increase web-server access logging and database query logging so that requests to the deletion endpoint carrying non-numeric ID values can be detected; access logs capture query-string parameters but not POST bodies, so query logging on the database side is the more complete source. Verify database integrity against known-good backups and keep backups current so that tampered or deleted records can be restored. Track the vendor for an official fix and apply it as soon as it is released.
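One way to implement the access-log check described above, as an added example that is not code from the project or the advisory. It flags any request to /admin/delete-row.php whose ID argument is not a plain integer, which is the only shape a legitimate delete-by-id request should have; the log lines in SAMPLE_LOG and the client addresses in them are constructed for the demo.

```php
<?php
// Added example, not code from the project or the advisory. Scans access-log
// lines (Apache/Nginx combined format) for requests to the vulnerable script
// whose ID value is anything other than digits. SAMPLE_LOG is constructed.

const TARGET_PATH = '/admin/delete-row.php';

const SAMPLE_LOG = [
    '192.0.2.10 - - [08/Jul/2025:21:40:01 +0000] "GET /admin/delete-row.php?ID=42 HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [08/Jul/2025:21:41:17 +0000] "GET /admin/delete-row.php?ID=1%20OR%201%3D1 HTTP/1.1" 302 0 "-" "sqlmap/1.8"',
    '203.0.113.5 - - [08/Jul/2025:21:41:20 +0000] "GET /admin/delete-row.php?ID=1%27%20AND%20SLEEP(5)--%20- HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '192.0.2.10 - - [08/Jul/2025:21:42:03 +0000] "GET /admin/index.php?ID=abc HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
];

function suspicious_delete_requests(array $lines): array
{
    $hits = [];
    foreach ($lines as $line) {
        // Request line inside the log entry: "METHOD /path?query HTTP/x.y"
        if (!preg_match('/"(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/', $line, $m)) {
            continue;
        }
        $url = parse_url($m[1]);
        if (!is_array($url) || ($url['path'] ?? '') !== TARGET_PATH) {
            continue;   // some other script, not our concern here
        }
        parse_str($url['query'] ?? '', $params);   // percent-decodes the values
        if (!array_key_exists('ID', $params)) {
            continue;
        }
        $id = $params['ID'];
        // Plain digits are the expected form; anything else (operators, quotes,
        // comment markers, an array-style ID[]=) is worth an alert.
        if (is_string($id) && preg_match('/^\d+$/', $id)) {
            continue;
        }
        $hits[] = [
            'client' => strtok($line, ' '),
            'id'     => is_string($id) ? $id : 'ID[]=' . json_encode($id),
        ];
    }
    return $hits;
}

if (PHP_SAPI === 'cli') {
    foreach (suspicious_delete_requests(SAMPLE_LOG) as $hit) {
        printf("ALERT %s sent ID=%s\n", $hit['client'], $hit['id']);
    }
}
```

Run against the sample it reports the two injected requests (the `1 OR 1=1` and the quoted `SLEEP` probe) and ignores the legitimate `ID=42` and the request to a different script. Matching on the parameter's shape rather than on SQL keywords avoids missing encoded or obfuscated payloads; the trade-off is that the check only sees parameters in the query string, so a deployment that accepts ID via POST needs the database-side query log as well.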


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-07-07T08:45:45.623Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 686d90126f40f0eb72fbad75

Added to database: 7/8/2025, 9:39:30 PM

Last enriched: 7/15/2025, 9:55:25 PM

Last updated: 8/12/2025, 9:02:24 AM

