CNNVD-202508-3248 Information

CNNVD ID

CNNVD-202508-3248

Related CVE

CVE-2025-30058

• CNNVD Published: 2025-08-27

Description (Chinese)

CGM CLININET是德国CGM公司的一款医院信息管理系统。 CGM CLININET存在SQL注入漏洞，该漏洞源于getPatientIdentifier函数对pesel参数处理不当，可能导致SQL注入攻击。

Description (English)

CGM CLIINNET is a hospital information management system operated by the German company CGM. CGM CLIINNET has an SQL injection loophole, which stems from the inappropriate handling of the Pesel parameters by the GetPatientIdentifier function, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

CGM

Published

2025-08-27

Last Modified

2026-02-24

References

https://cert.pl/en/posts/2025/08/CVE-2025-2313/ https://nvd.nist.gov/vuln/detail/CVE-2025-30058