
PHP CVE-2025-5712

EUVD-2025-17047 · MEDIUM
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)
2025-06-06 cna@vuldb.com
5.5
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline (6 events)

Severity Changed: Apr 29, 2026 - 01:11 (NVD): HIGH → MEDIUM
CVSS changed: Apr 29, 2026 - 01:11 (NVD): 7.3 (HIGH) → 5.5 (MEDIUM)
EUVD ID Assigned: Mar 14, 2026 - 18:10 (euvd): EUVD-2025-17047
Analysis Generated: Mar 14, 2026 - 18:10 (vuln.today)
PoC Detected: Jun 10, 2025 - 15:46 (vuln.today): public exploit code
CVE Published: Jun 06, 2025 - 03:15 (nvd): HIGH 7.3

Description (CVE.org)

A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /appointment.php. The manipulation of the argument patient leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis (AI)

A critical SQL injection vulnerability exists in SourceCodester Open Source Clinic Management System 1.0, affecting the patient parameter of the /appointment.php file. An unauthenticated remote attacker can exploit it to execute arbitrary SQL queries, potentially compromising data confidentiality, integrity, and availability. Exploit code has been publicly disclosed as a proof of concept, which significantly raises the real-world exploitation risk.

Technical Context (AI)

The vulnerability exists in PHP-based web application code handling HTTP request parameters without proper input validation or parameterized query usage. The patient parameter in /appointment.php is directly concatenated into SQL queries without sanitization, allowing SQL injection attacks. This falls under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component - 'Injection'), specifically manifesting as CWE-89 (SQL Injection). The affected product is a medical clinic management system written in PHP that processes appointment-related database queries. The root cause is the absence of prepared statements, parameterized queries, or input validation mechanisms that should filter special SQL characters or use type-safe query construction methods.

Remediation (AI)

Immediate actions:
(1) Apply vendor patches: contact SourceCodester for CVE-2025-5712 security updates and check the official repository/website for a patched version (likely 1.0.1 or 2.0).
(2) If no patch is available, implement input validation: whitelist/validate the patient parameter so that it accepts only the expected formats (numeric IDs, specific alphanumeric patterns).
(3) Use prepared statements: replace all direct SQL concatenation with parameterized queries using the PHP PDO or mysqli prepared statement APIs (e.g., $stmt = $pdo->prepare('SELECT * FROM appointments WHERE patient_id = ?'); $stmt->execute([$patient]);).
(4) Apply Web Application Firewall (WAF) rules to detect/block SQL injection patterns in appointment.php requests.
(5) Apply the principle of least privilege: the database user account running the queries should have only the permissions it requires.
(6) Enable SQL error suppression to prevent information leakage through error messages.
(7) Audit the database for unauthorized access or data exfiltration, since the PoC is public.
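A concrete form of steps (2) and (3), written here as an added PHP illustration; it is not code from the Clinic Management System. The appointments table, its patient_id column, the $pdo connection and the in-memory SQLite demo data are assumptions.

```php
<?php
// Added illustration of the remediation steps above; not the product's code.
// Table/column names and the $pdo connection are assumed, not taken from the app.

// BEFORE (the pattern the advisory describes): the request value is spliced
// into the SQL text, so whatever it contains becomes part of the query.
function findAppointmentsUnsafe(PDO $pdo, string $patient): array
{
    $sql = "SELECT * FROM appointments WHERE patient_id = '" . $patient . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// AFTER: allowlist validation (step 2) plus a prepared statement (step 3).
// The value is bound as data and never parsed as SQL, whatever it contains.
function findAppointmentsSafe(PDO $pdo, string $patient): array
{
    // Step 2: accept only the expected shape, here a positive integer ID.
    if (!preg_match('/^[1-9][0-9]{0,9}$/', $patient)) {
        throw new InvalidArgumentException('patient must be a numeric ID');
    }
    // Step 3: parameterized query; the driver transmits the value separately
    // from the statement text instead of interpolating it.
    $stmt = $pdo->prepare('SELECT * FROM appointments WHERE patient_id = ?');
    $stmt->execute([(int) $patient]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Stand-alone demo on an in-memory SQLite database with constructed rows.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// For MySQL, disable emulated prepares so the server binds parameters natively;
// the SQLite driver ignores this setting, so it is harmless here.
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$pdo->exec('CREATE TABLE appointments (id INTEGER PRIMARY KEY, patient_id INTEGER, note TEXT)');
$pdo->exec("INSERT INTO appointments (patient_id, note) VALUES (1, 'checkup'), (2, 'follow-up')");

// In the application this value would come from the appointment.php request.
$input = $_GET['patient'] ?? '1';
try {
    $rows = findAppointmentsSafe($pdo, $input);
    echo count($rows) . " row(s) for patient {$input}\n";
} catch (InvalidArgumentException $e) {
    // Non-conforming input is rejected before any query is built.
    echo 'Rejected: ' . $e->getMessage() . "\n";
}
```

Run with `php example.php` (prints one row for the default ID); a request value that is not a numeric ID never reaches the database.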


CVE-2025-5712 vulnerability details – vuln.today
