CNNVD-202506-3517 Information

CNNVD ID

CNNVD-202506-3517

Related CVE

CVE-2025-6766

• CNNVD Published: 2025-06-27

Description (Chinese)

hosporder是中国Xiaohao.Shi个人开发者的一个医院预约挂号系统。 hosporder存在注入漏洞，该漏洞源于文件OfficeServiceImpl.java中参数officesName的错误操作导致SQL注入。

Description (English)

Hosporder is a hospital booking system for Xiaohao.Shi personal developers in China. There is an injection loophole in the hosporder that results from an error in the office name parameter in the OfficeServiceImpl.java file.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Live Support

Published

2025-06-27

Last Modified

2026-02-24

References

https://github.com/sfturing/hosp_order/issues/108 https://vuldb.com/?ctiid.314080 https://vuldb.com/?id.314080 https://vuldb.com/?submit.600529