CVE-2025-3096
published 2025-04-01

CVE-2025-3096: Clinic’s Patient Management System version 2.0 suffers from a SQL injection vulnerability in the login page.

Priority: P263 · critical · 9.3 (CVSS 4.0)
EXPLOIT
EPSS: 1.28% (66.4th percentile)

Affected (9 ranges)

Vendor          Product                                 Version range   Fixed in
msrc            azl3_php_8.1.22-2_on_azure_linux_3.0
msrc            azl3_php_8.3.4-1_on_azure_linux_3.0
msrc            azure_linux_3.0_arm
msrc            azure_linux_3.0_x64
msrc            cbl2_php_8.1.22-2_on_cbl_mariner_2.0
msrc            cbl2_php_8.1.28-1_on_cbl_mariner_2.0
msrc            cbl_mariner_2.0_arm
msrc            cbl_mariner_2.0_x64
sourcecodester  clinic_s_patient_management_system

Detection & IOCs

Path: /dashboard/edit-user.php
  • Monitor HTTP POST requests to the login page of Clinic's Patient Management System v2.0 for SQL injection payloads (e.g., quote characters, boolean/time-based blind injection patterns) in login form fields.
  • Alert on file upload activity via user modification functionality following an authenticated session established through SQL injection bypass on the login page, indicative of the SQLi-to-RCE exploit chain.
  • The exploit is a two-stage chain: SQLi on the login page grants admin access, which is then leveraged to upload a malicious file for RCE. Detection must cover both stages independently.

CVSS provenance

NVD (v4.0): 9.3 CRITICAL
  CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vendor (MSRC): 6.5 MEDIUM