CNNVD-202509-4053 Information

Sep 26, 2025 cve

CNNVD ID

CNNVD-202509-4053

CVE-2025-11038

CNNVD Published: 2025-09-26

Description (Chinese)

itsourcecode Online Clinic Management System是itsourcecode开源的一个在线诊所管理系统。 itsourcecode Online Clinic Management System 1.0版本存在SQL注入漏洞，该漏洞源于对文件/details.php中参数ID的错误操作，可能导致SQL注入攻击。

Description (English)

Its sourcecode Online Clinic Management System is an online clinical management system for the open source of itsourcecode. Its sourcecode Online Clinic Management System Version 1.0 contains an injection loophole in SQL, which stems from the wrong operation of parameter ID in the document/details.php and may lead to an attack on SQL injection.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

itsourcecode

Published

2025-09-26

Last Modified

2026-02-24

References

https://itsourcecode.com/ https://vuldb.com/?ctiid.325985 https://vuldb.com/?id.325985 https://vuldb.com/?submit.658345 https://www.notion.so/inmog/Online-Clinic-Management-System-1-0-Union-Based-SQL-Injection-in-details-php-2727752d1edd8094be5ada02acf49175 https://access.redhat.com/security/cve/cve-2025-11038

Share on: