CVE-2025-45997 in Pharmacy Product Management System
Summary
by MITRE • 05/28/2025
Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability. An attacker can upload a PHP file disguised as an image by modifying the Content-Type header to image/jpg.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 05/28/2025
This vulnerability exists within the Sourcecodester Web-based Pharmacy Product Management System version 1.0, representing a critical file upload flaw that enables remote code execution through improper input validation. The system fails to implement robust file type verification mechanisms, allowing attackers to bypass security restrictions by manipulating the Content-Type header value from its legitimate image/jpg designation to a PHP script file. This weakness stems from insufficient server-side validation of uploaded files, creating an exploitable pathway for malicious actors to inject malicious code into the system. The vulnerability directly maps to CWE-434 which describes insecure file upload handling, where the application accepts files without proper validation of their actual content or type. Attackers can leverage this flaw by crafting a PHP payload disguised as an image file, then uploading it through the application's file upload functionality. The modified Content-Type header manipulation technique represents a common attack vector used in web application exploitation, where the server's trust in client-provided metadata is abused to circumvent security controls. This vulnerability creates a significant risk for privilege escalation and remote code execution, as the uploaded PHP file can be executed within the web server context, potentially allowing attackers to gain full control over the affected system. The impact extends beyond immediate code execution to include potential data theft, system compromise, and lateral movement within network environments. Organizations using this specific version of the pharmacy management system face heightened risk due to the lack of proper file validation controls, including checks against file signatures, MIME type verification, and proper file extension filtering. The vulnerability aligns with ATT&CK technique T1505.003 which covers server-side include attacks and file upload vulnerabilities, demonstrating how attackers can exploit weak file handling mechanisms to establish persistent access. The security implications are particularly severe given the nature of pharmacy management systems which often contain sensitive patient data and require strict compliance with healthcare regulations. Without proper mitigations, this vulnerability can lead to complete system compromise and unauthorized access to confidential medical information. The attack surface is further expanded by the fact that such systems often run with elevated privileges, increasing the potential damage from successful exploitation.
The technical exploitation process involves crafting a malicious PHP file with commands that can execute system operations, then uploading it using the modified Content-Type header to bypass client-side restrictions. The system's reliance on Content-Type header validation alone creates a fundamental security flaw that can be easily circumvented by attackers with basic knowledge of web application exploitation techniques. This vulnerability demonstrates poor security design principles and inadequate input sanitization practices that are commonly found in legacy web applications. The lack of file content inspection mechanisms means that even if the file extension appears legitimate, the actual file content can be malicious. Security controls should include multiple layers of validation such as file signature checks, content type verification, and proper file handling procedures to prevent such vulnerabilities from being exploited. Organizations should implement comprehensive file upload security measures including whitelisting of allowed file types, mandatory file content validation, and proper secure file storage practices to prevent unauthorized code execution and maintain system integrity. The vulnerability underscores the importance of following secure coding practices and implementing defense-in-depth strategies to protect against file upload related attacks.