CVE-2025-3195

7.3 HIGH

📋 TL;DR

A critical SQL injection vulnerability in itsourcecode Online Blood Bank Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the Search parameter in bbms.php. This can lead to data theft, modification, or deletion. All deployments of version 1.0 are affected.

💻 Affected Systems

Products:
  • itsourcecode Online Blood Bank Management System
Versions: 1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable. The vulnerability exists in the core application code.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including sensitive medical data exposure, administrative account takeover, and system destruction via DROP commands.

🟠 Likely Case

Data exfiltration of blood donor records, patient information, and inventory data leading to privacy violations and potential identity theft.

🟢 If Mitigated

Limited impact with proper input validation and WAF filtering, potentially only error-based information disclosure.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and affects a web application component.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this to escalate privileges or access sensitive data.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub. SQL injection via Search parameter requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://itsourcecode.com/

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

WAF Rule Implementation (applies to: all)

Deploy web application firewall rules to block SQL injection patterns in the Search parameter.

  # Example ModSecurity rule (blocks the request with 403 and logs a message):
  SecRule ARGS:Search "@detectSQLi" "id:1001,phase:2,deny,status:403,log,msg:'SQL injection attempt in Search parameter'"

Input Validation Filter (applies to: all)

Add server-side input validation to sanitize the Search parameter before processing.

  # PHP example (escaping only protects values the query wraps in quotes; a prepared statement is the durable fix):
  $search = mysqli_real_escape_string($connection, $_GET['Search']);
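The workaround above relies on escaping, which only helps when the query places the value inside quotes. The following added example (written for this page, not code from the advisory or from the itsourcecode application) reproduces the flaw class on an in-memory SQLite table standing in for the blood bank database: it runs the ' OR '1'='1 probe from the "How to Verify" section against a string-built query, an escaped query, and a parameterised query, and then shows that escaping gives no protection where the value is used unquoted (a numeric id), while a bound parameter still does. The donors table, its rows, and the function names are constructed for the example.

```python
"""Added example: why parameterised queries, not escaping, are the durable
fix for the Search-parameter injection. Table and rows are constructed."""
import sqlite3

# The probe quoted in the advisory's "Check if Vulnerable" step.
PAYLOAD = "' OR '1'='1"


def make_db():
    """Constructed stand-in for the blood bank database (in-memory SQLite)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE donors (id INTEGER, name TEXT, blood_group TEXT)")
    conn.executemany(
        "INSERT INTO donors VALUES (?, ?, ?)",
        [(1, "Donor A", "O+"), (2, "Donor B", "A-"), (3, "Donor C", "AB+")],
    )
    return conn


def sql_escape(value):
    """Minimal stand-in for mysqli_real_escape_string: doubles single quotes
    (SQLite dialect). Hypothetical helper, not a library function."""
    return value.replace("'", "''")


def search_vulnerable(conn, term):
    """The flaw class described: the raw parameter is concatenated into SQL."""
    sql = "SELECT name FROM donors WHERE name = '" + term + "'"
    return [row[0] for row in conn.execute(sql)]


def search_escaped(conn, term):
    """The advisory's escaping workaround. It works here only because the
    query wraps the value in quotes, so the doubled quote stays inside them."""
    sql = "SELECT name FROM donors WHERE name = '" + sql_escape(term) + "'"
    return [row[0] for row in conn.execute(sql)]


def search_parameterised(conn, term):
    """Placeholder binding: the driver sends the value separately from the SQL
    text, so quotes and keywords in the input are data, never syntax."""
    sql = "SELECT name FROM donors WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (term,))]


def by_id_escaped(conn, id_value):
    """Escaping in an unquoted (numeric) context: nothing to escape, so a
    value such as '1 OR 1=1' still rewrites the WHERE clause."""
    sql = "SELECT name FROM donors WHERE id = " + sql_escape(id_value)
    return [row[0] for row in conn.execute(sql)]


def by_id_parameterised(conn, id_value):
    """Same lookup with a bound parameter: the whole string is compared as one
    value against the id column and matches nothing."""
    sql = "SELECT name FROM donors WHERE id = ?"
    return [row[0] for row in conn.execute(sql, (id_value,))]


if __name__ == "__main__":
    db = make_db()
    print("string-built  :", search_vulnerable(db, PAYLOAD))      # all three donors
    print("escaped       :", search_escaped(db, PAYLOAD))         # []
    print("parameterised :", search_parameterised(db, PAYLOAD))   # []
    print("id, escaped   :", by_id_escaped(db, "1 OR 1=1"))       # all three donors
    print("id, bound     :", by_id_parameterised(db, "1 OR 1=1")) # []
```

The contrast between by_id_escaped and by_id_parameterised is the reason the escaping workaround should be treated as temporary: it depends on every call site quoting the value correctly, whereas a prepared statement is safe regardless of where the value lands in the query.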

🧯 If You Can't Patch

  • Isolate the system behind a reverse proxy with strict input validation
  • Implement network segmentation to limit database access from the web server

🔍 How to Verify

Check if Vulnerable:

Test the /bbms.php endpoint with SQL injection payloads in the Search parameter (e.g., ' OR '1'='1)

Check Version:

Check application version in admin panel or source code comments

Verify Fix Applied:

Verify that SQL injection payloads no longer alter query results and that the application returns proper error handling.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts following SQL errors
  • Long or malformed Search parameter values in web logs

Network Indicators:

  • HTTP requests to /bbms.php with SQL keywords in parameters
  • Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND uri="/bbms.php" AND (Search="*OR*" OR Search="*UNION*" OR Search="*SELECT*")
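The SIEM query above matches OR, UNION and SELECT as substrings, which also fires on ordinary search terms such as "Orlando". The added example below (written for this page, not part of the advisory or any vendor tooling) implements the same log indicators as a small script: it parses combined-format web server log lines, URL-decodes the Search parameter of requests to /bbms.php, and flags values containing whole-word SQL keywords, quote or comment metacharacters, or an overlong value (the "long or malformed Search parameter values" indicator). The log lines and IP addresses are constructed for the example, and the length threshold is an assumption to tune per deployment.

```python
"""Added example: detection logic for the advisory's log indicators, run over
constructed web server log lines (combined log format)."""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample log; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.10 - - [10/Apr/2025:12:00:01 +0000] "GET /bbms.php?Search=Donor+A HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.11 - - [10/Apr/2025:12:00:05 +0000] "GET /bbms.php?Search=%27+OR+%271%27%3D%271 HTTP/1.1" 200 8192 "-" "Mozilla/5.0"',
    '203.0.113.12 - - [10/Apr/2025:12:00:09 +0000] "GET /bbms.php?Search=Orlando HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '203.0.113.13 - - [10/Apr/2025:12:00:14 +0000] "GET /bbms.php?Search=%27+UNION+SELECT+NULL%2CNULL-- HTTP/1.1" 200 7710 "-" "Mozilla/5.0"',
    '198.51.100.5 - - [10/Apr/2025:12:00:20 +0000] "GET /index.php HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
]

LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r"(?P<status>\d{3}) (?P<size>\S+)"
)
# Whole-word match avoids flagging names that merely contain "or" or "select".
SQL_KEYWORD = re.compile(r"\b(OR|UNION|SELECT)\b", re.IGNORECASE)
SQL_META = re.compile(r"'|--|/\*")
MAX_SEARCH_LEN = 64  # assumption: legitimate search terms are short


def parse_line(line):
    """Return ip, timestamp, path and decoded Search values, or None if unparseable."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    params = parse_qs(parts.query, keep_blank_values=True)  # decodes %27 and '+'
    return {
        "ip": m.group("ip"),
        "ts": m.group("ts"),
        "path": parts.path,
        "search": params.get("Search", []),
    }


def suspicious_reasons(value, max_len=MAX_SEARCH_LEN):
    """List the indicators a decoded Search value triggers (empty if benign)."""
    reasons = []
    if SQL_KEYWORD.search(value):
        reasons.append("sql keyword")
    if SQL_META.search(value):
        reasons.append("quote/comment metacharacter")
    if len(value) > max_len:
        reasons.append("overlong value")
    return reasons


def scan_log(lines):
    """Return (ip, timestamp, decoded value, reasons) for each flagged request to /bbms.php."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["path"] != "/bbms.php":
            continue
        for value in rec["search"]:
            reasons = suspicious_reasons(value)
            if reasons:
                hits.append((rec["ip"], rec["ts"], value, reasons))
    return hits


if __name__ == "__main__":
    for ip, ts, value, reasons in scan_log(SAMPLE_LOG):
        print(f"{ts} {ip} Search={value!r} -> {', '.join(reasons)}")
```

Running it over the sample flags the two probe requests and leaves "Donor A" and "Orlando" alone; the same whole-word and metacharacter logic can be carried back into the SIEM query to reduce false positives from ordinary donor names.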
