CVE-2025-5779

6.3 MEDIUM

📋 TL;DR

This critical SQL injection vulnerability in Patient Record Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the itr_no and comp_id parameters of birthing.php. It could lead to unauthorized access, data theft, or system compromise; all users running the affected software are at risk.

💻 Affected Systems

Products:
  • Patient Record Management System
Versions: 1.0
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the specific file /birthing.php with vulnerable parameters itr_no and comp_id

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise, including patient record exfiltration, authentication bypass, remote code execution, and system takeover
🟠 Likely Case: Unauthorized access to and modification of patient records, potential credential theft
🟢 If Mitigated: Limited impact with proper input validation and database permissions, but still a security weakness

🌐 Internet-Facing: HIGH - Remote exploitation possible without authentication
🏢 Internal Only: HIGH - Even internal systems are vulnerable to insider threats or lateral movement

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit documentation is available on GitHub, and SQL injection is a well-understood attack vector.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider migrating to supported software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

Applies to: all

Implement proper input validation and use prepared statements for database queries:

  • Modify birthing.php to use PDO or mysqli prepared statements
  • Add input validation for the itr_no and comp_id parameters
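One way to apply this workaround, as an added example that is not the project's own code: the itr_no and comp_id values are validated as integers before the request is allowed to reach the database, and the query itself is a PDO prepared statement with bound parameters. The table and column names, the integer type of both parameters, and the DSN and credentials are assumptions; adjust them to the real schema and deployment.

```php
<?php
// Added example, not the project's code: a hardened handler for the itr_no and
// comp_id parameters of birthing.php. The table/column names (birthing_records,
// itr_no, comp_id), the integer type of both parameters and the DSN/credentials
// are assumptions; adjust them to the real schema and deployment.
declare(strict_types=1);
// The vulnerable pattern this replaces splices request values into the SQL text,
// e.g. "... WHERE itr_no = '" . $_GET['itr_no'] . "'", so SQL in the parameter runs.

/** Accept only a short positive integer string; anything else yields null. */
function validateId(?string $raw): ?int
{
    if ($raw === null || !preg_match('/^[0-9]{1,10}$/', $raw)) {
        return null;
    }
    return (int) $raw;
}

/** Look the record up with a prepared statement; user input never enters the SQL text. */
function fetchBirthingRecord(PDO $db, int $itrNo, int $compId): ?array
{
    $stmt = $db->prepare(
        'SELECT * FROM birthing_records WHERE itr_no = :itr_no AND comp_id = :comp_id'
    );
    $stmt->bindValue(':itr_no', $itrNo, PDO::PARAM_INT);
    $stmt->bindValue(':comp_id', $compId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Validate first and fail closed; a rejected request never reaches the database.
$itrNo  = validateId($_GET['itr_no'] ?? null);
$compId = validateId($_GET['comp_id'] ?? null);
if ($itrNo === null || $compId === null) {
    http_response_code(400);
    exit('Invalid parameters');
}
// Use a least-privilege account (SELECT on the needed tables only) and disable
// emulated prepares so the server, not the driver, performs the parameter binding.
$db = new PDO('mysql:host=localhost;dbname=prms;charset=utf8mb4', 'prms_reader', 'PLACEHOLDER_PASSWORD', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);
$record = fetchBirthingRecord($db, $itrNo, $compId);
if ($record === null) { http_response_code(404); exit('Record not found'); }
header('Content-Type: application/json');
echo json_encode($record);
```

With emulated prepares disabled, a payload such as the one in the "How to Verify" section is rejected by validateId before any query is built, and even a value that passed validation could only ever be bound as an integer.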

Web Application Firewall (WAF)

Applies to: all

Deploy WAF rules to block SQL injection patterns:

  • Configure the WAF to block SQL injection patterns in POST/GET parameters
  • Add a rule such as: SecRule ARGS "(?i:(union.*select|select.*from))" "id:1001,phase:2,deny"

🧯 If You Can't Patch

  • Isolate the system from internet access and restrict internal network access
  • Implement strict database permissions and monitor for unusual SQL queries

🔍 How to Verify

Check if Vulnerable:

Test birthing.php with SQL injection payloads in itr_no or comp_id parameters (e.g., ' OR '1'='1)

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and that the application rejects malformed input with a proper error response

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts or parameter manipulation in web server logs
  • Requests to birthing.php with SQL keywords in parameters

Network Indicators:

  • Unusual database connections from web server
  • Large data transfers from database

SIEM Query:

source="web_logs" AND uri="/birthing.php" AND (param="*union*select*" OR param="*select*from*")
