CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Description
A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /get_town.php. The manipulation of the argument countryid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Analysis
CVE-2025-7541 is a SQL injection vulnerability in code-projects Online Appointment Booking System version 1.0, affecting the /get_town.php endpoint, where the 'countryid' parameter is not validated or parameterised before it reaches the database query. The disclosing database rates the issue critical; the CVSS 3.1 vector above yields a base score of 7.3 (High), reflecting an unauthenticated, network-reachable entry point with low rated confidentiality, integrity and availability impact. An unauthenticated remote attacker can inject arbitrary SQL into the query the endpoint runs, which can lead to unauthorized reading, modification or deletion of data in the appointment booking database, depending on the privileges of the application's database account. The vulnerability has been publicly disclosed with proof-of-concept code available, which significantly increases the likelihood of real-world exploitation.
Technical Context
This vulnerability is classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')), which here manifests as a classic SQL injection flaw. The affected component is the /get_town.php file in code-projects Online Appointment Booking System 1.0 (CPE identifier: cpe:2.3:a:code-projects:online_appointment_booking_system:1.0:*:*:*:*:*:*:*). The root cause is that the value of the 'countryid' request parameter is incorporated into SQL query construction without validation, sanitisation or parameter binding. In small PHP applications of this kind the defect is most often direct string concatenation of the request value into the query text rather than the use of prepared statements; the exact construction in this file is not documented in the advisory, but the effect is the same: an injected payload changes the structure of the statement instead of being treated as data. Because the parameter is reachable without authentication, any user who can reach the endpoint over the network can trigger the flaw.
Affected Products
Vendor: code-projects
Product: Online Appointment Booking System
Affected versions: 1.0
CPE: cpe:2.3:a:code-projects:online_appointment_booking_system:1.0:*:*:*:*:*:*:*
Affected component: /get_town.php
Affected parameter: countryid
Remediation
1. Primary Remediation (priority: CRITICAL): Apply the vendor's security patch or upgrade to a patched version of code-projects Online Appointment Booking System if one is available. Check the vendor's official advisory and security portal for available patches.
2. Code-Level Mitigation (priority: CRITICAL): Implement parameterized queries (prepared statements) for all database interactions in /get_town.php. Replace direct string concatenation with parameter binding so that user input cannot alter the SQL query structure. Example: use prepared statements with placeholders (?) instead of concatenating the countryid parameter directly into the SQL query.
3. Input Validation (priority: HIGH): Implement strict input validation on the 'countryid' parameter. Validate that the input is a valid integer and matches an expected country ID value from a whitelist. Reject any input that does not conform to the expected format.
4. Web Application Firewall (priority: MEDIUM): Deploy or configure a Web Application Firewall (WAF) with SQL injection detection and prevention rules to block malicious SQL payloads targeting /get_town.php before they reach the application.
5. Database Permissions (priority: MEDIUM): Apply the principle of least privilege to the database credentials used by the application. Restrict the database user account to the minimum permissions required for appointment booking operations.
6. Monitoring (priority: MEDIUM): Implement database query monitoring and anomaly detection to identify potential SQL injection attempts or suspicious database activity. Monitor logs for unusual query patterns.
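The following is an added example, not code from this advisory or from the code-projects source, showing the vulnerable concatenation pattern the remediation items refer to next to a hardened replacement that applies items 2, 3 and 5 together (integer validation, a prepared statement with a bound parameter, and a read-only database account). The table and column names (towns, town_id, town_name, country_id), the database name appointment_db, the account name booking_ro, the DB_PASSWORD environment variable and the JSON response format are all assumptions; the real file's schema and output are not known from this page.

```php
<?php
// Added example (hypothetical get_town.php), not the project's own code.
// Assumed schema: towns(town_id, town_name, country_id). Assumed DB account
// booking_ro with SELECT only on the tables this endpoint reads.
declare(strict_types=1);

header('Content-Type: application/json');

// --- Vulnerable pattern (do NOT use) ----------------------------------------
// The raw request value is spliced into the statement text, so a value such as
// countryid=1 OR 1=1 or a UNION SELECT payload changes the query itself:
//
//   $sql    = "SELECT town_id, town_name FROM towns WHERE country_id = " . $_GET['countryid'];
//   $result = $mysqli->query($sql);

// --- Hardened version -------------------------------------------------------

// 1. Input validation: country ids are positive integers. filter_input returns
//    null when the parameter is absent and false when it fails validation, so
//    both cases are rejected before any database work happens.
$countryId = filter_input(INPUT_GET, 'countryid', FILTER_VALIDATE_INT, [
    'options' => ['min_range' => 1],
]);

if ($countryId === null || $countryId === false) {
    http_response_code(400);
    echo json_encode(['error' => 'countryid must be a positive integer']);
    exit;
}

// 2. Connect as a least-privilege account (assumed name booking_ro) and make
//    mysqli throw exceptions instead of returning false on error.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

try {
    $mysqli = new mysqli('localhost', 'booking_ro', getenv('DB_PASSWORD') ?: '', 'appointment_db');
    $mysqli->set_charset('utf8mb4');

    // 3. Prepared statement: the value is bound as an integer ('i'), so it is
    //    sent separately from the statement text and can never alter it.
    $stmt = $mysqli->prepare(
        'SELECT town_id, town_name FROM towns WHERE country_id = ? ORDER BY town_name'
    );
    $stmt->bind_param('i', $countryId);
    $stmt->execute();

    $towns = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();

    echo json_encode($towns);
} catch (mysqli_sql_exception $e) {
    // Never echo database errors to the client: error text helps an attacker
    // confirm and refine an injection. Log server-side instead.
    error_log('get_town.php DB error: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['error' => 'internal error']);
}
```

The validation step alone would already stop this particular injection, since a non-integer value never reaches the query, but the prepared statement is the control that holds even if a later edit relaxes the validation or adds a string parameter; keep both. The read-only account limits what a successful injection elsewhere in the application can do, which matters because the advisory notes that other parameters may be affected as well.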
EUVD-2025-21272