📄 Description (English)
Web Ofisi Firma Rehberi v1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can send requests to with malicious payloads in the 'il', 'kat', or 'kelime' parameters to extract sensitive database information or perform time-based blind SQL injection attacks.
🤖 AI Executive Summary
CVE-2019-25458 is a critical SQL injection vulnerability in Web Ofisi Firma Rehberi v1.0.0 that allows unauthenticated attackers to manipulate database queries through GET parameters ('il', 'kat', 'kelime'). With a CVSS score of 8.2 and publicly available exploits, this vulnerability poses an immediate risk to organizations using this business directory application. Attackers can extract sensitive data or perform blind SQL injection attacks without authentication.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: Apr 25, 2026 06:39
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily affects Saudi organizations using Web Ofisi Firma Rehberi for business directory management, including: Government agencies (NCA, municipalities) maintaining business registries; Small and medium enterprises (SMEs) using the platform for directory services; Chamber of Commerce and industry associations; Real estate and commercial listing services. The SQL injection vulnerability could lead to unauthorized access to sensitive business information, customer databases, and potentially financial records. Organizations in the commercial and government sectors managing business directories face the highest risk of data breach and regulatory non-compliance with SAMA and NCA requirements.
🏢 Affected Saudi Sectors
Government
Commerce and Trade
Small and Medium Enterprises
Real Estate
Professional Services
Chamber of Commerce
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
8.5
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all instances of Web Ofisi Firma Rehberi v1.0.0 in your environment and isolate affected systems from production networks if possible
2. Review access logs for suspicious GET requests containing SQL keywords (UNION, SELECT, OR, AND, etc.) in 'il', 'kat', or 'kelime' parameters
3. Implement Web Application Firewall (WAF) rules to block SQL injection patterns in these parameters
PATCHING:
4. Upgrade immediately to the patched version of Web Ofisi Firma Rehberi (version > 1.0.0)
5. Apply vendor security updates and test in non-production environment before deployment
COMPENSATING CONTROLS (if patching delayed):
6. Implement input validation and parameterized queries at the application layer
7. Apply strict output encoding for all database query results
8. Restrict database user permissions to minimum required privileges
9. Enable database query logging and monitoring for suspicious patterns
DETECTION:
10. Deploy IDS/IPS signatures to detect SQL injection attempts in HTTP GET parameters
11. Monitor for time-based blind SQL injection indicators (unusual response delays)
12. Set up alerts for multiple failed database queries or unusual database access patterns
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. حدد جميع نسخ Web Ofisi Firma Rehberi v1.0.0 في بيئتك وعزل الأنظمة المتأثرة عن شبكات الإنتاج إن أمكن
2. راجع سجلات الوصول للطلبات المريبة التي تحتوي على كلمات SQL الرئيسية (UNION و SELECT و OR و AND وغيرها) في معاملات 'il' و 'kat' و 'kelime'
3. طبق قواعد جدار حماية تطبيقات الويب (WAF) لحجب أنماط حقن SQL في هذه المعاملات
التصحيح:
4. قم بالترقية فوراً إلى النسخة المصححة من Web Ofisi Firma Rehberi (الإصدار > 1.0.0)
5. طبق تحديثات أمان البائع واختبر في بيئة غير الإنتاج قبل النشر
الضوابط البديلة (إذا تأخر التصحيح):
6. طبق التحقق من صحة المدخلات والاستعلامات المعاملة على مستوى التطبيق
7. طبق ترميز الإخراج الصارم لجميع نتائج استعلامات قاعدة البيانات
8. قيد أذونات مستخدم قاعدة البيانات بالحد الأدنى المطلوب
9. فعّل تسجيل استعلامات قاعدة البيانات والمراقبة للأنماط المريبة
الكشف:
10. نشر توقيعات نظام كشف/منع الاختراق (IDS/IPS) للكشف عن محاولات حقن SQL في معاملات HTTP GET
11. راقب مؤشرات هجمات حقن SQL العمياء المستندة إلى الوقت (تأخيرات الاستجابة غير المعتادة)
12. قم بإعداد تنبيهات لاستعلامات قاعدة البيانات المتعددة الفاشلة أو أنماط الوصول غير المعتادة
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.5.1.1 - Information Security Policies and Procedures
ECC 2024 A.6.1.2 - Access Control and Authentication
ECC 2024 A.12.2.1 - Change Management
ECC 2024 A.14.2.1 - Secure Development and Testing
🔵 SAMA CSF
SAMA CSF ID.GV-1 - Organizational Governance
SAMA CSF PR.AC-1 - Access Control
SAMA CSF PR.DS-2 - Data Security
SAMA CSF DE.CM-1 - Detection and Analysis
🟡 ISO 27001:2022
ISO 27001:2022 A.5.1 - Policies for Information Security
ISO 27001:2022 A.6.1 - Organizational Controls
ISO 27001:2022 A.8.1 - User Access Management
ISO 27001:2022 A.14.2 - Secure Development
🟣 PCI DSS v4.0.1
PCI DSS 6.5.1 - Injection Flaws Prevention
PCI DSS 6.2 - Security Patches and Updates
PCI DSS 10.2 - User Access Logging
🔗 References & Sources 3
🔗
https://www.exploit-db.com/exploits/47143
disclosure@vulncheck.com
Exploit
VDB Entry
🔗
https://www.vulncheck.com/advisories/web-ofisi-firma-rehberi-sql-injection-via-firmalar...
disclosure@vulncheck.com
Broken Link
🔗
https://www.web-ofisi.com/detay/firma-rehberi-scripti-v1.html
disclosure@vulncheck.com
Product
📦 Affected Products / CPE 1 entries
web-ofisi:firma_rehberi:1.0.0