CVE-2025-7198: SQL Injection in code-projects Jonnys Liquor

Severity: Medium
Published: Tue Jul 08 2025 (07/08/2025, 22:02:06 UTC)
Source: CVE Database V5
Vendor/Project: code-projects
Product: Jonnys Liquor

Description

A vulnerability classified as critical was found in code-projects Jonnys Liquor 1.0. This vulnerability affects unknown code of the file /admin/admin-area.php. The manipulation of the argument drink leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/08/2025, 22:25:59 UTC

Technical Analysis

CVE-2025-7198 is an SQL injection vulnerability, classified as critical in its disclosure, in version 1.0 of the code-projects product Jonnys Liquor. The flaw is located in the /admin/admin-area.php file, where the 'drink' parameter is not properly sanitized or validated before it is used in a database query. A remote attacker can manipulate the 'drink' argument to inject SQL, which can lead to unauthorized reading or modification of the backend database, exposure of sensitive data, or further compromise of the application or the underlying system. The vulnerability requires no authentication or user interaction, so it is exploitable by any attacker with network access to the affected application. The CVSS 4.0 base score is 6.9, which corresponds to medium severity: attack vector network (AV:N), low attack complexity (AC:L), no privileges required (PR:N) and no user interaction (UI:N). The impact on confidentiality, integrity and availability is rated low (VC:L, VI:L, VA:L), suggesting that while exploitation is feasible, the extent of the damage may be constrained by the application's design or by the permissions of the database account it uses. No exploitation in the wild has been reported so far, and no patches or mitigations have been published. The disclosure is recent (July 2025), and the affected product appears to be a niche application, possibly used in the hospitality or retail sectors for liquor inventory or sales management.

Potential Impact

For European organizations using Jonnys Liquor 1.0, this vulnerability poses a significant risk of data breach or unauthorized database manipulation. Attackers could extract sensitive customer or business data, alter inventory or sales records, or escalate privileges within the system. Given the administrative nature of the vulnerable endpoint, compromise could lead to full control over the application backend. This could disrupt business operations, cause financial losses, and damage reputation. Additionally, if the database contains personal data of EU citizens, exploitation could lead to violations of GDPR requirements, resulting in legal and regulatory consequences. The remote and unauthenticated nature of the vulnerability increases the risk of automated attacks or mass scanning campaigns targeting vulnerable installations across Europe. Organizations in sectors such as hospitality, retail, or distribution that rely on this software for inventory or sales management are particularly at risk.

Mitigation Recommendations

Immediate mitigation steps include restricting network access to the /admin/admin-area.php endpoint to trusted IP addresses or VPN users only, thereby reducing exposure to external attackers. Implementing a Web Application Firewall (WAF) with rules to detect and block SQL injection patterns targeting the 'drink' parameter can provide temporary protection. Organizations should conduct a thorough code review and apply input validation and parameterized queries or prepared statements to eliminate SQL injection vectors. Since no official patch is currently available, contacting the vendor for guidance or updates is critical. Regularly monitoring logs for suspicious queries or access attempts to the admin area can help detect exploitation attempts early. Additionally, organizations should audit database permissions to ensure the application operates with the least privilege necessary, limiting the potential damage from a successful injection. Finally, planning for an update or migration to a patched version once available is essential to fully remediate the vulnerability.
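The parameterized-query recommendation above, as an added illustration that is not code from Jonnys Liquor or its vendor: a hypothetical admin lookup keyed on the 'drink' parameter, shown first in the string-concatenation shape that produces SQL injection and then rewritten with a PDO prepared statement plus a simple allow-list check. The table name, column names and the allowed character set are assumptions.

```php
<?php
// Added illustration, not code from Jonnys Liquor: an admin lookup keyed on the
// 'drink' parameter, first in the shape that produces SQL injection and then
// rewritten with a PDO prepared statement. Table/column names are assumptions.

// Hypothetical vulnerable form: the request value is spliced into the SQL text,
// so a quote in the value ends the string literal and the rest is parsed as SQL.
function findDrinkUnsafe(PDO $db, string $drink): array
{
    $sql = "SELECT id, name, price FROM drinks WHERE name = '" . $drink . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: fixed query text, value sent as a bound parameter, so the
// database engine never interprets user input as SQL grammar.
function findDrinkSafe(PDO $db, string $drink): array
{
    $stmt = $db->prepare('SELECT id, name, price FROM drinks WHERE name = :name');
    $stmt->execute([':name' => $drink]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Defence in depth: reject values outside what a drink name can look like
// before the query runs (the allowed length and character set are assumptions).
function isPlausibleDrinkName(string $drink): bool
{
    return preg_match('/^[A-Za-z0-9 \'\-]{1,64}$/', $drink) === 1;
}

// Stand-alone demo with constructed data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE drinks (id INTEGER PRIMARY KEY, name TEXT, price REAL)');
$db->exec("INSERT INTO drinks (name, price) VALUES ('Gin', 12.5), ('Rum', 11.0)");

// Constructed request value standing in for $_GET['drink'] in admin-area.php.
// It contains quote characters: in the unsafe form they would break out of the
// string literal; with the bound parameter they are just data.
$drink = $_GET['drink'] ?? "O'Hara's Gin";

if (!isPlausibleDrinkName($drink)) {
    http_response_code(400);
    echo "rejected by validation\n";
} else {
    // The bound value is compared literally, so this name matches no row.
    echo count(findDrinkSafe($db, $drink)) . " row(s)\n";
}
```

Run with `php -S localhost:8080` and pass `?drink=Gin` to see a literal match; any value outside the allow-list is refused before the database is touched.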

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-07-07T08:45:52.016Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 686d971c6f40f0eb72fbe6e8

Added to database: 7/8/2025, 10:09:32 PM

Last enriched: 7/8/2025, 10:25:59 PM

Last updated: 8/14/2025, 7:51:01 PM
