CVE-2025-6570
BaseFortify
Publication date: 2025-06-24
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anujk305 | hospital_management_system | 4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6570 is a critical SQL injection vulnerability in PHPGurukul Hospital Management System version 4.0, specifically in the /doctor/search.php file. It arises from improper handling of the 'searchdata' parameter, allowing remote attackers to inject malicious SQL commands. The vulnerability combines time-based blind SQL injection and Union-based SQL injection techniques, enabling attackers to execute arbitrary SQL queries to extract sensitive information or alter database contents without authentication. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of the affected system. Attackers can remotely execute arbitrary SQL commands to extract sensitive data, modify database contents, or disrupt system operations. Since the exploit is publicly available and easy to execute, it poses a significant risk of unauthorized data access and potential system manipulation. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the `searchdata` parameter in the `/doctor/search.php` endpoint for SQL injection vulnerabilities. Attackers can identify vulnerable targets using Google dorking with the query `inurl:doctor/search.php`. To detect it on your system, you can attempt SQL injection payloads targeting the `searchdata` parameter, including time-based blind SQL injection and Union-based SQL injection techniques. Example commands using curl to test for SQL injection might include: curl -G 'http://target/doctor/search.php' --data-urlencode "searchdata=' OR SLEEP(5)-- " curl -G 'http://target/doctor/search.php' --data-urlencode "searchdata=' UNION SELECT NULL-- " These commands check for time delays or error responses indicating SQL injection vulnerability. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
There are no known countermeasures or mitigations currently available for this vulnerability. The suggested immediate step is to replace the affected component (PHPGurukul Hospital Management System 4.0) with an alternative product that is not vulnerable. Additionally, restricting access to the vulnerable endpoint and monitoring for exploitation attempts may help reduce risk until a patch or fix is available. [2]