
CVE-2025-8497: SQL Injection in code-projects Online Medicine Guide

Severity: Medium
Type: Vulnerability
CVE: CVE-2025-8497
Published: Sun Aug 03 2025 (08/03/2025, 03:32:16 UTC)
Source: CVE Database V5
Vendor/Project: code-projects
Product: Online Medicine Guide

Description

A weakness has been identified in code-projects Online Medicine Guide 1.0. This affects an unknown part of the file /cusfindphar2.php. Manipulation of the argument Search causes SQL injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.

AI-Powered Analysis

Last updated: 09/05/2025, 20:14:13 UTC

Technical Analysis

CVE-2025-8497 is a SQL injection vulnerability in version 1.0 of the code-projects Online Medicine Guide application. The flaw is in /cusfindphar2.php, specifically in the handling of the 'Search' parameter: the value is incorporated into a database query without proper separation of data from query syntax, so a crafted value is executed by the backend database as SQL. This lets remote attackers run unauthorized queries without authentication or user interaction, potentially leading to unauthorized data access, data modification, or database corruption. The vulnerability has a CVSS 4.0 base score of 6.9 (medium). The attack vector is network-based (AV:N), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The impact on confidentiality, integrity, and availability is rated low (VC:L, VI:L, VA:L), meaning that exploitation can cause harm but is not expected to yield full system compromise or widespread disruption on its own. No patches or fixes have been published, and no exploitation in the wild has been reported, although proof-of-concept code is publicly available, which raises the likelihood of exploitation. Only version 1.0 of the product is affected. The product is an online medicine guide likely used by healthcare providers or pharmacies to look up pharmaceutical information, so its database may hold sensitive medical or pharmaceutical data, which makes the confidentiality impact particularly relevant.

Potential Impact

For European organizations, especially those in the healthcare sector using the Online Medicine Guide 1.0, this vulnerability poses a risk of unauthorized access to sensitive pharmaceutical data. This could lead to exposure of confidential patient medication information, intellectual property related to medicines, or internal pharmacy data. Such data breaches could violate GDPR regulations, leading to legal and financial penalties. Additionally, manipulation of the database could disrupt pharmacy operations or lead to misinformation about medicines, potentially impacting patient safety. The remote and unauthenticated nature of the exploit increases the risk of attacks from external threat actors. Although the severity is medium, the healthcare context amplifies the potential reputational damage and regulatory consequences for affected organizations. The lack of patches means organizations must rely on other mitigations until a fix is available.

Mitigation Recommendations

1. Immediately deploy Web Application Firewall (WAF) rules to detect and block SQL injection attempts targeting the 'Search' parameter in /cusfindphar2.php.
2. Apply thorough input validation and sanitization to all user-supplied inputs, especially the 'Search' parameter, and use parameterized queries or prepared statements to prevent injection.
3. Restrict database user privileges to the minimum necessary to limit the impact of any successful injection.
4. Monitor application logs for unusual query patterns or repeated failed attempts that may indicate exploitation attempts.
5. Isolate the vulnerable application from critical internal systems to contain potential breaches.
6. Engage with the vendor or development team to obtain patches or updates as soon as they become available.
7. Educate staff on the risks and signs of exploitation to enhance detection and response capabilities.
8. Consider temporarily disabling or restricting access to the vulnerable functionality, if feasible, until a patch is released.
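The following is an added illustration of recommendations 2 and 3 above; it is not code from the Online Medicine Guide project and makes no claim about how /cusfindphar2.php is actually written. It assumes a MySQL table and column names (`pharmacy`, `name`, `address`, `phone`), a PDO connection, and that 'Search' arrives as a POST field; all of these are placeholders.

```php
<?php
// Added example (not the project's code). Table and column names are assumed.

// Vulnerable pattern: the Search value is spliced into the SQL text, so the
// database parses attacker-controlled input as part of the query syntax.
function findPharmacyUnsafe(PDO $db, string $search): array {
    $sql = "SELECT name, address, phone FROM pharmacy WHERE name LIKE '%$search%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: the statement text is constant and the value is bound as a
// parameter, so it can never alter the structure of the query.
function findPharmacySafe(PDO $db, string $search): array {
    // Validate length and character class before the value reaches the database.
    if (strlen($search) > 64 || !preg_match('/^[\p{L}\p{N} .\-]+$/u', $search)) {
        throw new InvalidArgumentException('invalid search term');
    }
    // Escape LIKE wildcards so the user cannot widen the pattern with % or _.
    $pattern = '%' . addcslashes($search, '%_\\') . '%';

    $stmt = $db->prepare(
        'SELECT name, address, phone FROM pharmacy WHERE name LIKE :pattern'
    );
    $stmt->bindValue(':pattern', $pattern, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Connection: a read-only account for the search feature (least privilege,
// recommendation 3) and server-side prepares rather than client emulation.
$db = new PDO(
    'mysql:host=localhost;dbname=medicine_guide;charset=utf8mb4',  // assumed DSN
    'guide_readonly',                                               // assumed user
    getenv('DB_PASSWORD') ?: '',
    [
        PDO::ATTR_EMULATE_PREPARES => false,
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    ]
);

$search = $_POST['Search'] ?? '';   // assumed to be a POST field
try {
    $rows = findPharmacySafe($db, $search);
} catch (InvalidArgumentException $e) {
    http_response_code(400);        // reject rather than pass bad input through
    exit('Invalid search term');
}
foreach ($rows as $row) {
    echo htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'), "\n";
}
```

With `ATTR_EMULATE_PREPARES` set to false the MySQL server receives the statement and the bound value separately, which is what makes the safe version immune to the injection described in this advisory.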


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-08-02T06:50:09.172Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 688edbdcad5a09ad00d7fe4f

Added to database: 8/3/2025, 3:47:40 AM

Last enriched: 9/5/2025, 8:14:13 PM

Last updated: 9/15/2025, 9:51:13 AM

Views: 44
