CVE Alert: CVE-2025-10670 – itsourcecode – E-Logbook with Health Monitoring System for COVID-19
CVE-2025-10670
A flaw has been found in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. The issue affects unknown processing in the file /check_profile.php: manipulation of the argument profile_id can lead to SQL injection. The attack can be launched remotely. The exploit has been published and may be used.
AI Summary Analysis
Risk verdict
High risk: remote, unauthenticated SQL injection with a publicly disclosed exploit; remediate urgently.
Why this matters
Allows an attacker to read or modify sensitive data and potentially disrupt the health-monitoring workflow. The lack of authentication and the fact that the flaw is reachable over the network increase exposure for publicly facing deployments, raising the potential impact to confidentiality, integrity, and availability.
Most likely attack path
An external actor sends crafted requests to /check_profile.php with manipulated profile_id, exploiting SQL injection without user interaction. Given network access and no privileges required, successful exploitation can extract data or alter records, with potential secondary access to backend resources if database permissions permit. Minimal user action is needed, and partial data/functional impact is likely.
Who is most exposed
Public-facing installations of itsourcecode E-Logbook with Health Monitoring System for COVID-19, typically on LAMP stacks (PHP/MySQL) deployed in organisations hosting patient or health-monitoring data; often exposed on internet-facing endpoints.
Detection ideas
- HTTP logs showing unusual profile_id values, or SQL error patterns, on requests to /check_profile.php.
- WAF/IDS triggers for SQL injection payloads targeting the profile_id parameter.
- Database logs for anomalous queries, data exfiltration attempts, or unexpected writes.
- Increased error rate in web/application logs following specific requests.
- Public exploit indicators or related PoC traffic in network sensors.
 
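As an added example (not code from the advisory or from the itsourcecode project), the following Python check implements the first detection idea: it scans web-server access-log lines, assumed to be in Apache/nginx combined format, for requests to /check_profile.php whose profile_id is not a plain integer. That profile_id is expected to be numeric is an assumption about the application, and the log lines are constructed for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Combined access-log format; only the fields this check needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

# Assumption: a legitimate profile_id is a short positive integer.
EXPECTED_ID = re.compile(r"^[0-9]{1,10}$")

VULNERABLE_PATH = "/check_profile.php"


def check_line(line):
    """Return a finding for a request to /check_profile.php whose profile_id
    does not look like a plain integer, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None  # unparsable line: ignore rather than guess
    parts = urlsplit(m.group("target"))
    if parts.path != VULNERABLE_PATH:
        return None
    # parse_qs percent-decodes once; keep_blank_values catches an empty id.
    params = parse_qs(parts.query, keep_blank_values=True)
    for value in params.get("profile_id", []):
        if not EXPECTED_ID.match(value):
            return {
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "status": m.group("status"),
                "profile_id": value,
            }
    return None


def scan(lines):
    """Collect findings over an iterable of access-log lines."""
    return [f for f in (check_line(l) for l in lines) if f is not None]


# Constructed sample log: one clean request, one probe with a stray quote,
# one odd value on an unrelated path, one non-numeric id.
SAMPLE_LOG = [
    '203.0.113.5 - - [12/Sep/2025:10:01:02 +0000] "GET /check_profile.php?profile_id=42 HTTP/1.1" 200 512',
    '203.0.113.5 - - [12/Sep/2025:10:01:09 +0000] "GET /check_profile.php?profile_id=42%27 HTTP/1.1" 500 231',
    '198.51.100.7 - - [12/Sep/2025:10:02:00 +0000] "GET /index.php?profile_id=abc HTTP/1.1" 200 1024',
    '198.51.100.9 - - [12/Sep/2025:10:02:30 +0000] "GET /check_profile.php?profile_id=abc HTTP/1.1" 200 498',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Status 500 on a flagged request is a useful secondary signal, since error-based probing often surfaces as database errors in the application log at the same timestamp.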
Mitigation and prioritisation
- Apply the vendor patch or upgrade to a fixed version; if none is available, implement compensating controls immediately.
- Enforce parameterised queries/prepared statements; validate and sanitise all input, especially profile_id.
- Deploy WAF/IPS rules to block SQLi attempts against /check_profile.php.
- Restrict the database account privileges used by the web app; disable direct remote DB access where possible.
- Change management: test fixes in staging; monitor production logs after mitigations.
- If the CVE is listed in KEV or has EPSS ≥ 0.5, treat as Priority 1. That data is not provided here; a KEV listing or an EPSS score indicating exploitation would trigger Priority 1.
 