CVE-2025-65125

9.8 CRITICAL

📋 TL;DR

This SQL injection vulnerability in the online-movie-booking system allows attackers to execute arbitrary SQL commands through the movie_details.php endpoint. Attackers can potentially access, modify, or delete sensitive database information including user credentials, payment details, and personal data. All deployments using version 5.5 of gosaliajainam/online-movie-booking are affected.

💻 Affected Systems

Products:
  • gosaliajainam/online-movie-booking
Versions: 5.5
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Any deployment using the vulnerable movie_details.php file in version 5.5 is affected regardless of OS or web server.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, account takeover, payment fraud, and potential lateral movement to other systems.

🟠 Likely Case

Extraction of sensitive user data (passwords, emails, payment info) and potential privilege escalation.

🟢 If Mitigated

Limited information disclosure if proper input validation and parameterized queries are implemented.

🌐 Internet-Facing: HIGH - The movie_details.php endpoint is typically internet-facing and accessible to unauthenticated users.
🏢 Internal Only: MEDIUM - Internal deployments still vulnerable but with reduced attack surface.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are commonly weaponized, and the public reference suggests exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

1. Check for updated version from the project repository.
2. If no patch exists, implement parameterized queries in movie_details.php.
3. Replace all direct SQL concatenation with prepared statements.
4. Add input validation for all user-supplied parameters.
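Steps 2 to 4 in one place, as an added example that is not code from the project: the concatenated query pattern next to a validated, prepared-statement version. The `movies` table, its columns, and the use of PDO with in-memory SQLite are assumptions made so the script runs stand-alone; the `id` parameter name follows the sanitization example on this page.

```php
<?php
// Added example; not code from gosaliajainam/online-movie-booking.
// Assumptions: a `movies` table with `id` and `title`, and an `id` request
// parameter. In-memory SQLite via PDO stands in for the real database.

function make_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE movies (id INTEGER PRIMARY KEY, title TEXT)');
    // Constructed sample rows.
    $db->exec("INSERT INTO movies (id, title) VALUES (1, 'Constructed A'), (2, 'Constructed B')");
    return $db;
}

// Pattern the advisory says to remove: request data concatenated into SQL.
function movie_details_concat(PDO $db, string $rawId): array {
    $sql = "SELECT id, title FROM movies WHERE id = '" . $rawId . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Replacement: validate the type first, then bind the value as a parameter.
function movie_details_prepared(PDO $db, string $rawId): array {
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return [];            // reject; a real page would answer HTTP 400
    }
    $stmt = $db->prepare('SELECT id, title FROM movies WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = make_db();
// Second value is the probe string quoted under "How to Verify".
$inputs = ['1', "' OR '1'='1"];
foreach ($inputs as $in) {
    printf("%-14s concat=%d row(s)  prepared=%d row(s)\n",
        json_encode($in),
        count(movie_details_concat($db, $in)),
        count(movie_details_prepared($db, $in)));
}
```

A fixed endpoint returns the same row count for a legitimate id and no rows for the probe string, which is the behaviour to confirm under "Verify Fix Applied".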

🔧 Temporary Workarounds

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection rules to block malicious requests

Input Sanitization

all

Add input validation and sanitization to movie_details.php parameters

// Example PHP sanitization (keeps only digits, + and -; use alongside prepared statements, not instead of them):
$id = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);

🧯 If You Can't Patch

  • Block external access to movie_details.php using firewall rules
  • Use a database user with read-only permissions for the application

🔍 How to Verify

Check if Vulnerable:

Test movie_details.php with SQL injection payloads like ' OR '1'='1 in parameters

Check Version:

Check the project files for version information or review the codebase structure

Verify Fix Applied:

Verify that parameterized queries are used and SQL injection payloads no longer work

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in web logs
  • Multiple requests with SQL keywords (UNION, SELECT, INSERT)

Network Indicators:

  • HTTP requests containing SQL syntax to movie_details.php endpoint

SIEM Query:

web_logs WHERE url LIKE '%movie_details.php%' AND (request_parameters CONTAINS 'UNION' OR request_parameters CONTAINS 'SELECT' OR request_parameters CONTAINS 'OR 1=1')
