CVE Alert: CVE-2025-10118 – itsourcecode – E-Logbook with Health Monitoring System for COVID-19
CVE-2025-10118
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. The affected element is an unknown function of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
AI Summary Analysis
**Risk verdict**: High risk due to remote, unauthenticated SQL injection with publicly disclosed exploit; exploitation is plausible and should be treated as urgent.
**Why this matters**: An attacker could bypass authentication and access or modify data via the login endpoint, potentially exfiltrating health data or tampering records. The public PoC increases the likelihood of automated attempts targeting deployed instances, elevating risk for regulated health data and enterprise visibility.
**Most likely attack path**: Attacker reaches login.php over the network, injects malicious input into Username, triggering SQL injection without authentication or user interaction. With PR:N, UI:N, and AC:L, exploitation can occur directly and may impact confidentiality, integrity, and availability at the web application layer, enabling credential access or data manipulation.
**Who is most exposed**: Web applications hosting itsourcecode E-Logbook with Health Monitoring System for COVID-19, especially internet-facing deployments in clinics, universities, or SME environments using likely outdated or unpatched builds.
**Detection ideas**:
- Unusual or error-prone SQL queries in login attempts and DB error logs.
- Widespread or automated login attempts containing SQLi-like payloads.
- IDS/WAF alerts for SQL injection patterns on login.php.
- Frequent 500/400 responses tied to login requests with suspicious input.
- Anomalous data access or authentication bypass events in application logs.
**Mitigation and prioritisation**:
- Apply vendor patch or upgrade to patched release; verify remediation guidance.
- Enforce parameterised queries, input validation, and disable verbose DB error messages.
- Implement WAF rules targeting SQL injection on login endpoints; restrict access (IP allowlists); enable MFA if available; rate-limit login attempts.
- Plan patching in a staging-to-production window; ensure backups and monitoring during rollout.
- If KEV/EPSS indicators emerge, escalate to priority 1 and notify stakeholders immediately.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
