CVE-2025-8987 – This vulnerability allows remote attackers to e... (How to Fix)

Q: What is the severity of CVE-2025-8987?

CVE-2025-8987 has a CVSS score of 7.3 (HIGH). This vulnerability allows remote attackers to execute SQL injection attacks against the SourceCodester COVID 19 Testing Management System 1.0 by manipulating the 'remark' parameter in the /test-details.php file. Attackers can potentially access, modify, or delete database content. Organizations using this specific software version are affected.

📋 TL;DR

This vulnerability allows remote attackers to execute SQL injection attacks against the SourceCodester COVID 19 Testing Management System 1.0 by manipulating the 'remark' parameter in the /test-details.php file. Attackers can potentially access, modify, or delete database content. Organizations using this specific software version are affected.

💻 Affected Systems

Products:

SourceCodester COVID 19 Testing Management System

Versions: 1.0

Operating Systems: Any OS running PHP web server

Default Config Vulnerable: ⚠️ Yes

Notes: Affects installations with the vulnerable /test-details.php file accessible.

📦 What is this software?

Covid19 Testing Management System by Unyasoft

View all CVEs affecting Covid19 Testing Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data manipulation, or system takeover via SQL injection to execute arbitrary commands.

🟠

Likely Case

Unauthorized access to sensitive COVID testing data, patient information exposure, or database manipulation.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit details are publicly available on GitHub, making this easily exploitable by attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and parameterized queries for the 'remark' parameter in test-details.php

Modify PHP code to use prepared statements: $stmt = $conn->prepare('SELECT * FROM table WHERE remark = ?'); $stmt->bind_param('s', $remark);

Web Application Firewall (WAF) Rules

all

Deploy WAF rules to block SQL injection patterns targeting the /test-details.php endpoint

Add WAF rule: Block requests to /test-details.php with SQL injection patterns in parameters

🧯 If You Can't Patch

Isolate the system from internet access and restrict to internal network only
Implement strict network segmentation and monitor all access to the vulnerable endpoint

🔍 How to Verify

Check if Vulnerable:

Test the /test-details.php endpoint with SQL injection payloads in the 'remark' parameter and observe database errors or unexpected behavior.

Check Version:

Check the software version in the admin panel or configuration files, typically in config.php or similar files.

Verify Fix Applied:

After implementing parameterized queries, test with SQL injection payloads and verify no database errors or unauthorized access occurs.

📡 Detection & Monitoring

Log Indicators:

SQL syntax errors in web server logs
Unusual database queries from web application
Multiple failed login attempts or parameter manipulation

Network Indicators:

HTTP requests to /test-details.php with SQL keywords in parameters
Unusual database connection patterns from web server

SIEM Query:

source="web_server" AND uri="/test-details.php" AND (param="remark" AND value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "OR 1=1")

📊 Metadata

CVE ID: CVE-2025-8987

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-74

EPSS Score: 0.03% exploit probability (7.4th percentile)

Published: August 14, 2025

Last Updated: August 18, 2025

🔗 References

https://github.com/zhuyi-hz/cve/issues/4 Exploit,Issue Tracking,Third Party Advisory
https://vuldb.com/?ctiid.319983 Permissions Required,VDB Entry
https://vuldb.com/?id.319983 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.628664 Third Party Advisory,VDB Entry
https://www.sourcecodester.com/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-8987, you might also want to check these: