SQL Injection Vulnerability in Codeastro Bus Ticket Booking System

CVE-2025-25775

What is CVE-2025-25775?

The Codeastro Bus Ticket Booking System version 1.0 contains a SQL injection vulnerability which can be exploited through the 'kodetiket' parameter in the /BusTicket-CI/tiket/cekorder endpoint. This flaw allows an attacker to execute arbitrary SQL queries, potentially compromising the database's contents and integrity. Proper input validation and parameterized queries are crucial to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References