CVE-2025-8497

CWE-74 CWE-89 — SQL Injection3 documents3 sources

Severity

6.9MEDIUM

EPSS

0.1%

top 80.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Code-projects Online Medicine Guide Anisha Online Medicine Guide

Timeline

PublishedAug 3

Description

A weakness has been identified in code-projects Online Medicine Guide 1.0. This affects an unknown part of the file /cusfindphar2.php. This manipulation of the argument Search causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5code-projects/online_medicine_guide1.0

▶NVDanisha/online_medicine_guide1.0

🔴Vulnerability Details

CVEList

code-projects Online Medicine Guide cusfindphar2.php sql injection↗2025-08-03

▶

GHSA

GHSA-xpq2-87j9-cv9g: A vulnerability was found in code-projects Online Medicine Guide 1↗2025-08-03

▶