## https://sploitus.com/exploit?id=58612DCB-4135-5802-A7F5-5BCC67FBB711
# CVE-2025-69216: OpenSTAManager has a SQL Injection in Scadenzario Print Template
## Overview
| Field | Details |
|---|---|
| **CVE ID** | CVE-2025-69216 |
| **Vulnerability Type** | SQL Injection |
| **Severity** | HIGH |
| **Discovered by** | [Lukasz Rybak](https://github.com/lukasz-rybak) |
## Description
### Summary
An **authenticated SQL Injection vulnerability** in OpenSTAManager's Scadenzario (Payment Schedule) print template allows any authenticated user to extract sensitive data from the database, including admin credentials, customer information, and financial records. The vulnerability enables complete database read access through error-based SQL injection techniques.
### Details
The vulnerability exists in `templates/scadenzario/init.php` at **line 46**, where the `id_anagrafica` parameter is directly concatenated into an SQL query without proper sanitization:
**Vulnerable Code:**
```php
if (get('id_anagrafica') && get('id_anagrafica') != 'null') {
    // The request parameter is spliced into the WHERE clause as a quoted
    // string literal with no escaping, type check or parameter binding.
    $module_query = str_replace('1=1', '1=1 AND `co_scadenziario`.`idanagrafica`="'.get('id_anagrafica').'"', $module_query);
    $i...
```
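The same pattern in isolation, with a hardened variant beside it. This is an added illustration, not OpenSTAManager's code: `$module_query`, `filter_unsafe` and `filter_safe` are constructed stand-ins for the module's query and helper, and the fix shown (integer validation of `id_anagrafica`) is one defensive option, not necessarily the upstream patch.

```php
<?php
// Added illustration, not OpenSTAManager code. Mimics the vulnerable pattern:
// a caller-supplied id_anagrafica is spliced into an existing WHERE clause by
// replacing the "1=1" placeholder in the module's base query.

// Constructed stand-in for the module's base query (assumption).
$module_query = 'SELECT * FROM `co_scadenziario` WHERE 1=1';

// Vulnerable form: raw string concatenation inside a double-quoted literal.
function filter_unsafe(string $query, string $id_anagrafica): string
{
    return str_replace('1=1',
        '1=1 AND `co_scadenziario`.`idanagrafica`="' . $id_anagrafica . '"',
        $query);
}

// Hardened form: idanagrafica is a numeric key, so anything that is not a
// plain positive integer is rejected before it reaches the query string.
// Rejections are logged so repeated probes surface in monitoring. Binding
// the value through a prepared statement is the general alternative.
function filter_safe(string $query, string $id_anagrafica): string
{
    if (!preg_match('/^\d{1,10}$/', $id_anagrafica)) {
        error_log('scadenzario: rejected non-numeric id_anagrafica');
        throw new InvalidArgumentException('id_anagrafica must be an integer');
    }
    return str_replace('1=1',
        '1=1 AND `co_scadenziario`.`idanagrafica`=' . (int) $id_anagrafica,
        $query);
}

// Constructed inputs: a legitimate id, then one containing a double quote,
// which closes the string literal in the vulnerable form and lets the rest
// of the input become SQL.
$inputs = ['42', '42" OR "1"="1'];
foreach ($inputs as $in) {
    echo 'unsafe: ' . filter_unsafe($module_query, $in) . PHP_EOL;
    try {
        echo 'safe:   ' . filter_safe($module_query, $in) . PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'safe:   rejected (' . $e->getMessage() . ')' . PHP_EOL;
    }
}
```

Running it prints both queries for the legitimate id, and for the second input shows the unsafe query with an altered WHERE clause while the safe path rejects the value before any SQL is built.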
## Affected Products
- **devcode-it/openstamanager** (versions: <= 2.9.8)
## CWE Classification
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
## References
- https://github.com/devcode-it/openstamanager/security/advisories/GHSA-q6g3-fv43-m2w6
- https://nvd.nist.gov/vuln/detail/CVE-2025-69216
- https://github.com/advisories/GHSA-q6g3-fv43-m2w6
## Disclaimer
This CVE was responsibly disclosed following coordinated vulnerability disclosure practices. The information provided here is for educational and defensive purposes only.