CNNVD-202511-1820 Information

Nov 16, 2025 cve

CNNVD ID

CNNVD-202511-1820

CVE-2025-13248

CNNVD Published: 2025-11-16

Description (Chinese)

SourceCodester Patients Waiting Area Queue Management System是SourceCodester开源的一个病人候诊区排队管理系统。 SourceCodester Patients Waiting Area Queue Management System 1.0版本存在SQL注入漏洞，该漏洞源于对文件/php/api_patient_schedule.php中参数appointmentID的错误操作，可能导致SQL注入攻击。

Description (English)

ServiceCodester Patients Waiting Area Queue Management System is a waiting area management system for patients from the Open Source of ServiceCodester. The SQL injection loophole in version 1.0 of SourceCodeCodesterPatients Waiting Area Queue Management System stems from an error in the application of the parameters in the document/php/api patient schedule.php, which could lead to an SQL injection attack.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

SourceCodester

Published

2025-11-16

Last Modified

2026-02-24

References

https://github.com/2H-K/mycve/issues/2 https://vuldb.com/?ctiid.332582 https://vuldb.com/?id.332582 https://www.sourcecodester.com/ https://vuldb.com/?submit.687580 https://access.redhat.com/security/cve/cve-2025-13248

Share on: