CVE-2025-7886

HIGH

pmTicket Project-Management-Software <2ef379da2075f4761a2c9029cf91d...


Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-7886. PoCs published by allannjuguna.

AI-analyzed exploit summary: The repository contains a technical writeup describing an unauthenticated SQL injection vulnerability in PmTicket via the `getUserLanguage` function's `user_id` parameter. It includes a high-level description and a link to an asciicast demonstrating the exploit.

Description

A vulnerability, which was classified as critical, was found in pmTicket Project-Management-Software up to 2ef379da2075f4761a2c9029cf91d073474e7486. This affects the function `getUserLanguage` of the file `classes/class.database.php`. The manipulation of the argument `user_id` leads to SQL injection. It is possible to initiate the attack remotely. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

github WRITEUP 1 stars
by allannjuguna · pythonpoc
https://github.com/allannjuguna/Exploit-Development/tree/main/CVEs/CVE-2025-7886

Classification: Writeup 80%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: PmTicket (version unspecified)
No auth needed
Prerequisites: Network access to the vulnerable PmTicket instance
devstral-2 · analyzed Jun 17, 2026

References (4)

Core References
Permissions Required, VDB Entry vdb-entry technical-description
https://vuldb.com/?id.317001
Permissions Required, VDB Entry signature permissions-required
https://vuldb.com/?ctiid.317001
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.614534

Scores

CVSS v3 7.3
EPSS 0.0036
EPSS Percentile 27.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE: CWE-74, CWE-89
Status published
Products (1)
pmTicket/Project-Management-Software 2ef379da2075f4761a2c9029cf91d073474e7486
Published Jul 20, 2025
Tracked Since Feb 18, 2026