CVE-2025-45997: n/a
Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability. An attacker can upload a PHP file disguised as an image by modifying the Content-Type header to image/jpg.
AI Analysis
Technical Summary
CVE-2025-45997 is a high-severity file upload vulnerability affecting the Sourcecodester Web-based Pharmacy Product Management System version 1.0. The vulnerability arises because the application improperly validates uploaded files, allowing an attacker to upload a malicious PHP script disguised as an image file. Specifically, the attacker can modify the Content-Type HTTP header to 'image/jpg' to bypass any naive content-type checks implemented by the system. This vulnerability is classified under CWE-434 (Unrestricted Upload of File with Dangerous Type), which typically leads to remote code execution or server compromise if exploited successfully. Given that the system is web-based and likely accessible over the internet or internal networks, an attacker can exploit this vulnerability remotely without any authentication or user interaction. The CVSS v3.1 base score is 8.6, indicating a high severity, with the vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L meaning the attack can be performed remotely over the network with low attack complexity, no privileges required, and no user interaction. The impact on confidentiality is high, as the attacker can execute arbitrary code on the server, potentially accessing sensitive data. Integrity and availability impacts are low to moderate, as the attacker could modify or disrupt the system but the primary impact is data confidentiality. No patches or vendor mitigations are currently listed, and no known exploits are reported in the wild yet, but the vulnerability is publicly disclosed and could be targeted by threat actors in the near future.
Potential Impact
For European organizations, especially those in the healthcare and pharmaceutical sectors using the Sourcecodester Pharmacy Product Management System or similar web-based management tools, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to sensitive patient data, prescription records, and internal pharmacy operations, violating GDPR and other data protection regulations. The compromise of such systems could disrupt pharmacy services, leading to operational downtime and loss of trust. Additionally, attackers could leverage the uploaded PHP shell to pivot within the network, escalating privileges or exfiltrating data. The high confidentiality impact combined with the critical nature of healthcare data makes this vulnerability particularly concerning in Europe, where data privacy laws are stringent and healthcare infrastructure is a critical national asset.
Mitigation Recommendations
Organizations should immediately audit their web-based pharmacy management systems for this vulnerability. Specific mitigations include:
1) Implement strict server-side validation of uploaded files, verifying file content signatures (magic bytes) rather than relying solely on Content-Type headers or file extensions.
2) Restrict upload directories to non-executable locations and configure web servers to disallow execution of uploaded files.
3) Employ application-layer filtering to block PHP or other script files from being uploaded.
4) Use web application firewalls (WAFs) with rules to detect and block suspicious file upload attempts.
5) Monitor logs for unusual upload activities and conduct regular security assessments.
6) If possible, replace or upgrade the vulnerable system to a version that addresses this issue or switch to alternative solutions with secure file handling.
7) Educate developers and administrators about secure file upload practices to prevent similar vulnerabilities in the future.
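
Mitigations 1, 3 and 5 expressed in PHP, the affected application's language. This is an added example, not code from the Sourcecodester project or from this advisory; the function name `vet_image_upload`, the allowlist and the two sample inputs are assumptions, and it requires PHP's fileinfo extension.

```php
<?php
declare(strict_types=1);

// Allowlist keyed by the type libmagic derives from the file's own bytes.
// The value is the only extension the server will store that type under.
const ALLOWED_IMAGE_TYPES = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

/**
 * Vet uploaded bytes (hypothetical helper). $clientType (the request's
 * Content-Type) and $clientName are attacker-controlled: they are compared
 * and reported, never used to decide the type or the on-disk name.
 */
function vet_image_upload(string $bytes, string $clientName, string $clientType): array
{
    $detected = (new finfo(FILEINFO_MIME_TYPE))->buffer($bytes) ?: 'unknown';
    // "image/jpg" is a common non-standard spelling of image/jpeg.
    $claimed = strtolower(trim($clientType));
    $claimed = $claimed === 'image/jpg' ? 'image/jpeg' : $claimed;
    $result = [
        'detected'    => $detected,
        'mismatch'    => $claimed !== $detected, // log and alert on this (mitigation 5)
        'ok'          => isset(ALLOWED_IMAGE_TYPES[$detected]),
        'stored_name' => null,
    ];
    if ($result['ok']) {
        // Random name plus server-chosen extension: nothing from $clientName
        // reaches the filesystem, so a ".php" suffix cannot survive.
        $result['stored_name'] = bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGE_TYPES[$detected];
    }
    return $result;
}

// Constructed samples: a script sent with Content-Type image/jpg, and a 1x1 GIF.
$samples = [
    ['logo.php', 'image/jpg', "<?php /* constructed sample */ ?>\n"],
    ['dot.gif',  'image/gif', base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7')],
];
foreach ($samples as [$name, $type, $bytes]) {
    $r = vet_image_upload($bytes, $name, $type);
    printf("%-9s claimed=%-10s detected=%-12s mismatch=%s ok=%s stored=%s\n",
        $name, $type, $r['detected'], var_export($r['mismatch'], true),
        var_export($r['ok'], true), $r['stored_name'] ?? '-');
}
```

In a request handler the bytes come from the temporary file named in `$_FILES` and the vetted name is what gets passed to `move_uploaded_file()`. Content checks complement mitigation 2; they do not replace storing uploads where the web server will not execute them.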
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-04-22T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 68371a22182aa0cae24f8aea
Added to database: 5/28/2025, 2:13:54 PM
Last enriched: 7/7/2025, 8:58:06 AM
Last updated: 7/30/2025, 4:10:25 PM