- Description
- Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
- Source
- twcert@cert.org.tw
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- twcert@cert.org.tw
- CWE-89
- Hype score
- Not currently trending
🚨 CVE-2025-3708 ⚠️🔴 CRITICAL (9.8) 🏢 Le-yan - Le-show 🏗️ 0 🔗 https://t.co/tWsaBkGgOv 🔗 https://t.co/IFRPDZAqVK #CyberCron #VulnAlert #InfoSec https://t.co/LeQcZXGtSN
@cybercronai
2 May 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3708 Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to … https://t.co/402j9CYhA4
@CVEnew
2 May 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-3708 - Le-show - HIGH 🚨 🗓️ Date published 2025-05-02 04:15:55 UTC #Le-show #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/noGsbHQpCL
@vulns_space
2 May 2025
132 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-3708: CRITICAL] SQL Injection vulnerability in Le-show medical practice management system by Le-yan lets remote attackers inject SQL commands to access or manipulate database contents.#cve,CVE-2025-3708,#cybersecurity https://t.co/5ubgNfunEH https://t.co/S1RSbtDh26
@CveFindCom
2 May 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:le-show:le-yan:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66B41131-9FB2-4BCB-85BC-123280E0FAC7",
"versionEndIncluding": "3.2.25"
}
],
"operator": "OR"
}
]
}
]