CVE-2025-8247: SQL Injection in Projectworlds Online Admission System

Medium
Published: Sun Jul 27 2025 (07/27/2025, 23:32:04 UTC)
Source: CVE Database V5
Vendor/Project: Projectworlds
Product: Online Admission System

Description

A vulnerability classified as critical has been found in Projectworlds Online Admission System 1.0. This affects an unknown part of the file /admin.php. The manipulation of the argument markof leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/28/2025, 00:35:03 UTC

Technical Analysis

CVE-2025-8247 is a SQL Injection vulnerability identified in version 1.0 of the Projectworlds Online Admission System, specifically affecting an unspecified portion of the /admin.php file. The vulnerability arises from improper sanitization or validation of the 'markof' parameter, which can be manipulated by an attacker to inject malicious SQL code. This injection flaw allows an unauthenticated remote attacker to execute arbitrary SQL commands against the backend database, potentially leading to unauthorized data access, data modification, or disruption of database operations. The vulnerability does not require user interaction and can be exploited remotely without authentication, increasing its risk profile. The CVSS 4.0 base score is 5.3, categorized as medium severity, reflecting the limited scope of impact on confidentiality, integrity, and availability, as well as the requirement for some privileges (PR:L) and the low complexity of the attack (AC:L). Although no public exploits have been observed in the wild yet, the disclosure of the exploit code increases the likelihood of exploitation attempts. The vulnerability affects only version 1.0 of the product, which is an online admission system likely used by educational institutions to manage student admissions and related data. Given the administrative nature of the affected endpoint, successful exploitation could compromise sensitive student records, admission decisions, and other critical data stored within the system's database.

Potential Impact

For European organizations, particularly educational institutions using the Projectworlds Online Admission System version 1.0, this vulnerability poses a significant risk to the confidentiality and integrity of student and applicant data. Unauthorized access or manipulation of admission records could lead to privacy violations under GDPR, reputational damage, and potential legal consequences. Additionally, data tampering could disrupt admission processes, causing operational delays and undermining trust in the institution's systems. The ability to execute SQL commands remotely without authentication increases the threat level, as attackers could extract sensitive information or corrupt data without needing insider access. Although the CVSS score is medium, the critical nature of the data involved and the administrative context elevate the practical impact. European organizations must consider the regulatory implications of any data breach resulting from this vulnerability, including mandatory breach notifications and potential fines.

Mitigation Recommendations

Given the absence of an official patch, European organizations should immediately implement compensating controls to mitigate risk. These include:

1) Restricting access to the /admin.php endpoint via network-level controls such as IP whitelisting or VPN-only access to limit exposure to trusted administrators;
2) Implementing Web Application Firewall (WAF) rules specifically designed to detect and block SQL injection attempts targeting the 'markof' parameter;
3) Conducting thorough input validation and sanitization on all parameters, especially 'markof', to prevent injection vectors;
4) Monitoring database and application logs for suspicious queries or anomalies indicative of exploitation attempts;
5) If possible, upgrading or migrating to a newer, patched version of the software or alternative admission systems;
6) Applying the principle of least privilege to database accounts used by the application to minimize potential damage from exploitation;
7) Educating administrative users about the vulnerability and encouraging vigilance for unusual system behavior.

Organizations should also prepare incident response plans to quickly address any exploitation attempts.
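The following is an added example, not code from Projectworlds or from this advisory, and it is written in Python rather than the application's PHP so that it runs stand-alone. It illustrates the flaw class described in the Technical Analysis (a request parameter concatenated into SQL) next to the hardened form, and two of the compensating controls above: allowlist validation of 'markof' (item 3) and scanning access logs for /admin.php requests whose 'markof' value fails that allowlist (item 4). The advisory does not state what type 'markof' holds, so the example assumes it is a numeric record id; the table, column names, and log lines are constructed for the demo.

```python
import re
import sqlite3
from urllib.parse import urlsplit, parse_qs

# Allowlist for 'markof'. The advisory does not say what the parameter holds,
# so this example ASSUMES a positive integer record id of at most 10 digits.
MARKOF_RE = re.compile(r"^[1-9][0-9]{0,9}$")


def markof_is_valid(value: str) -> bool:
    """True only when the value is exactly a positive integer (no quotes, spaces, keywords)."""
    return MARKOF_RE.fullmatch(value) is not None


def build_demo_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for the admission system's marks data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE marks (id INTEGER PRIMARY KEY, student TEXT, score INTEGER)")
    conn.executemany(
        "INSERT INTO marks VALUES (?, ?, ?)",
        [(1, "alice", 88), (2, "bob", 73), (3, "carol", 91)],
    )
    conn.commit()
    return conn


def fetch_marks_unsafe(conn: sqlite3.Connection, markof: str):
    """The vulnerable pattern the advisory describes: the request value is spliced
    into the SQL text, so the value can alter the query's logic."""
    sql = f"SELECT student, score FROM marks WHERE id = {markof}"
    return conn.execute(sql).fetchall()


def fetch_marks_safe(conn: sqlite3.Connection, markof: str):
    """Hardened form: allowlist-validate first, then bind the value as a parameter
    so the database never interprets it as SQL."""
    if not markof_is_valid(markof):
        raise ValueError("markof rejected by allowlist")
    return conn.execute(
        "SELECT student, score FROM marks WHERE id = ?", (int(markof),)
    ).fetchall()


def safe_rejects(conn: sqlite3.Connection, markof: str) -> bool:
    """True when the hardened path refuses the value before any SQL runs."""
    try:
        fetch_marks_safe(conn, markof)
    except ValueError:
        return True
    return False


# Minimal combined-log-format request line parser (method, target, status).
LOG_LINE_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')


def flag_suspicious_admin_requests(log_lines):
    """Return (line_number, decoded_markof) for every /admin.php request whose
    'markof' value does not satisfy the allowlist. Detection is allowlist-based,
    so it needs no signature list of injection strings."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = LOG_LINE_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if url.path != "/admin.php":
            continue
        # parse_qs percent-decodes and turns '+' into spaces, matching what PHP's $_GET sees.
        for value in parse_qs(url.query, keep_blank_values=True).get("markof", []):
            if not markof_is_valid(value):
                hits.append((n, value))
    return hits


# Constructed sample access log: two benign requests, two that should be flagged.
SAMPLE_ACCESS_LOG = [
    '10.0.0.5 - - [27/Jul/2025:23:40:01 +0000] "GET /admin.php?markof=12 HTTP/1.1" 200 812',
    '10.0.0.5 - - [27/Jul/2025:23:40:09 +0000] "GET /index.php HTTP/1.1" 200 2048',
    '203.0.113.7 - - [27/Jul/2025:23:41:12 +0000] "GET /admin.php?markof=12%27 HTTP/1.1" 500 0',
    '203.0.113.7 - - [27/Jul/2025:23:41:20 +0000] "GET /admin.php?markof=1+OR+1%3D1 HTTP/1.1" 200 9120',
]


if __name__ == "__main__":
    db = build_demo_db()
    print("safe, id 2:", fetch_marks_safe(db, "2"))
    print("unsafe, tampered value returns", len(fetch_marks_unsafe(db, "1 OR 1=1")), "rows")
    print("safe rejects tampered value:", safe_rejects(db, "1 OR 1=1"))
    for line_no, value in flag_suspicious_admin_requests(SAMPLE_ACCESS_LOG):
        print(f"log line {line_no}: markof={value!r} fails allowlist")
```

The same allowlist drives both the application-side check and the log scan, so a value that the hardened handler would refuse is exactly the value the monitoring flags; a WAF rule for item 2 can be expressed as the negation of the same pattern on the 'markof' query parameter.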

Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-07-26T13:58:23.635Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 6886c5adad5a09ad0077a59a

Added to database: 7/28/2025, 12:34:53 AM

Last enriched: 7/28/2025, 12:35:03 AM

Last updated: 7/31/2025, 12:34:32 AM
