@rishi-jat rishi-jat commented Nov 1, 2025

/claim #13785

Template / PR Information

This template detects a confirmed SQL injection vulnerability in /student.php of Code-projects School Fees Payment System v1.0.
It includes union-based, error-based, and time-based SQLi checks without relying on version-based detection.


Template Validation

I've validated this template locally?

  • YES
  • NO

Validation details:
Tested against a locally hosted vulnerable setup (from tuooo/CVE).

  • Union-based payload returns md5(999999999) in response.
  • Error-based payload triggers MySQL syntax error.
  • Time-based payload induces ~5s delay.

Additional Details

  • Shodan Query: title:"School Fees Payment System"

  • Fofa Query: title="School Fees Payment System"

  • Matched Response Snippet:

  • Docker Environment: Tested using vulnerable environment from tuooo/CVE#16


Additional References

- Detects SQL injection in code-projects School Fees Payment System v1.0
- Vulnerability in /student.php via ID parameter manipulation
- Includes union-based, error-based, and time-based detection methods
- Complete POC with proper matchers to avoid false positives
- Fixes projectdiscovery#13785
- Improved description focusing on POC capabilities
- Enhanced union-based detection with proper MD5 verification
- Added sophisticated error-based payload using CONCAT/FLOOR
- Implemented time-based detection with 12s timeout
- Added extractors for hash and error pattern capture
- Used modern syntax with proper comments and structure
- Follows ProjectDiscovery template best practices
@rishi-jat
Author

@princechaddha please review when you get a chance. Thank you

@rishi-jat
Author

/cc @DhiyaneshGeek

- Added verified: true status
- Added max-request: 3 count
- Added kev: true as mentioned in issue
- Added shodan/fofa queries for discovery
- Added EPSS scores for completeness
- Template now fully complies with ProjectDiscovery standards
@Akokonunes
Contributor

Hi @rishi-jat,

Thank you for participating in the bounty claim. Since the pull request at projectdiscovery/nuclei-templates#13786 meets our requirements, we’ll be proceeding with that submission. Therefore, this PR will be closed.

@rishi-jat
Author

@Akokonunes okay, got it. Please can you tell me the open Bounty issue where I can contribute? Also, it's the second time my PR has been closed 🙂 one where the issue was already fixed but not closed, and this one.

@Akokonunes
Contributor

Akokonunes commented Nov 3, 2025

Hello @rishi-jat

The template bounty is always listed in the issues section of the nuclei-templates repository.

You can find them over here: https://github.com/projectdiscovery/nuclei-templates/issues?q=is%3Aissue%20state%3Aopen%20label%3A%22%F0%9F%92%8E%20Bounty%22
