CVE-2025-5858
BaseFortify
Publication date: 2025-06-09
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | nipah_virus_testing_management_system | 1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5858 is a critical SQL injection vulnerability in the Nipah Virus Testing Management System version 1.0, specifically in the /patient-report.php file. The vulnerability occurs because the application accepts user input through the 'searchdata' parameter without proper sanitization or validation. This unsanitized input is directly used in SQL queries, allowing attackers to inject malicious SQL code. This can lead to unauthorized database operations such as data leakage, modification, or deletion. [1, 3]
How can this vulnerability impact me?
Exploiting this vulnerability allows attackers to remotely execute arbitrary SQL commands on the database. This can result in unauthorized access to sensitive data, data leakage, modification or deletion of data, full system control, and disruption of services. The vulnerability threatens the confidentiality, integrity, and availability of the system, potentially impacting business continuity and system security. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /patient-report.php endpoint for SQL injection via the 'searchdata' parameter. You can use tools like sqlmap to automate detection. For example, run a command such as:

```
sqlmap -u "http://target/nipah-tms/patient-report.php" --data="searchdata=123" --risk=3 --level=5
```

Additionally, manual testing can be done by sending POST requests with the following payloads and observing behavior changes that indicate injection:

- Boolean-based: `searchdata=123%' AND 6743=6743 AND 'Tkka%'='Tkka`
- Time-based: `searchdata=123%' AND (SELECT 6473 FROM (SELECT(SLEEP(5)))USgQ) AND 'LzPT%'='LzPT`

[3, 2, 1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:

1. Implement prepared statements with parameter binding to separate SQL code from user input, preventing injection.
2. Apply rigorous input validation and filtering on the 'searchdata' parameter to ensure only expected input formats are accepted.
3. Restrict database user permissions to the minimum necessary, avoiding use of high-privilege accounts for routine operations.
4. If possible, replace the affected component with an alternative product as no known countermeasures have been published.

These steps help protect data integrity and system security. [3, 2]
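Steps 1 and 2 of the mitigation list, as an added PHP example that is not the application's own code. The schema, the digits-only format for `searchdata` and both function names are assumptions, and in-memory SQLite stands in for the real database so the script runs offline.

```php
<?php
declare(strict_types=1);

// Constructed stand-in database (in-memory SQLite through PDO). The table and
// column names are hypothetical; the application's real schema is not on this page.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE patients (id INTEGER PRIMARY KEY, name TEXT, mobile TEXT)');
$pdo->exec("INSERT INTO patients (name, mobile) VALUES
    ('Constructed Patient A', '1234567890'), ('Constructed Patient B', '9876543210')");

// Steps 1 and 2 together: allow-list validation, then a bound parameter.
function searchPatients(PDO $pdo, string $searchdata): array
{
    // Assumed expected format: 1 to 15 digits. Anything else is rejected
    // before a query is built.
    if (preg_match('/\A[0-9]{1,15}\z/', $searchdata) !== 1) {
        return [];
    }
    // The SQL text is constant; the value is sent separately from it.
    $stmt = $pdo->prepare('SELECT id, name, mobile FROM patients WHERE mobile LIKE :term');
    $stmt->execute([':term' => '%' . $searchdata . '%']);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Step 1 alone, for fields that cannot be restricted to digits: binding keeps
// quotes in the data channel, and LIKE wildcards are escaped so they match literally.
function searchBoundOnly(PDO $pdo, string $searchdata): array
{
    $literal = str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $searchdata);
    $stmt = $pdo->prepare(
        "SELECT id, name, mobile FROM patients WHERE mobile LIKE :term ESCAPE '!'"
    );
    $stmt->execute([':term' => '%' . $literal . '%']);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// The Boolean-based test string quoted in the detection answer above.
$probe = "123%' AND 6743=6743 AND 'Tkka%'='Tkka";

foreach (['digits' => '123', 'probe' => $probe] as $label => $input) {
    printf(
        "%-6s validated+bound: %d row(s), bound only: %d row(s)\n",
        $label,
        count(searchPatients($pdo, $input)),
        count(searchBoundOnly($pdo, $input))
    );
}
```

Running it with the `pdo_sqlite` extension enabled shows the probe string rejected by the validated path and treated as a literal search term by the bound-only path.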