CVE identifier: CVE-2025-12933
VDB identifier: VDB-331653
EUVD identifier: EUVD-2025-44028

Description: A critical SQL injection vulnerability was discovered in SourceCodester Baby Care System 1.0. The vulnerability affects an unknown function in the file. It is caused by manipulation of the argument, which can result in SQL injection.

Severity: Critical

Exploitability:
- Can be exploited remotely
- An exploit is available and shared on GitHub
- Technical details and proof-of-concept exploit are shared

CWE Classification:
- CWE-89: The product constructs all or part of an SQL command using externally-influenced input from an upstream component without neutralizing special elements that could modify the intended SQL command when it is sent to a downstream component.

Impact:
- Confidentiality
- Integrity
- Availability

MITRE ATT&CK Technique: T1505