CNNVD-202511-1575 Information

Nov 13, 2025 cve

CNNVD ID

CNNVD-202511-1575

CVE-2025-13122

CNNVD Published: 2025-11-13

Description (Chinese)

SourceCodester Patients Waiting Area Queue是SourceCodester开源的一个患者等候区排队系统。 SourceCodester Patients Waiting Area Queue 1.0版本存在SQL注入漏洞，该漏洞源于文件/php/api_patient_checkin.php中getPatientAppointment函数对appointmentID参数处理不当，可能导致SQL注入攻击。

Description (English)

ServiceCodester Patients Waing Area Queue is a waiting area for patients from the Open Source of ServiceCodester. The source of the SQL-injection loophole in the sourceCodeCodesterPatients Wayng Area Queue 1.0, which stems from the inappropriate handling of the appointmentID parameters by the GetPatientAppintment function in the file/php/api patient checkin.php, may lead to an attack on SQL injection.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

SourceCodester

Published

2025-11-13

Last Modified

2026-02-24

References

https://vuldb.com/?submit.683789 https://vuldb.com/?id.332350 https://vuldb.com/?ctiid.332350 https://www.sourcecodester.com/ https://access.redhat.com/security/cve/cve-2025-13122

Patch

https://www.sourcecodester.com/

Share on: