CNNVD-202511-1935 Information

Nov 17, 2025 cve

CNNVD ID

CNNVD-202511-1935

CVE-2025-13267

CNNVD Published: 2025-11-17

Description (Chinese)

SourceCodester Dental Clinic Appointment是SourceCodester开源的一个牙科诊所预约系统。 SourceCodester Dental Clinic Appointment 1.0版本存在SQL注入漏洞，该漏洞源于对文件/success.php中参数username/password的错误操作，可能导致SQL注入。

Description (English)

ServiceCodester Dental Clinic Application is a dental clinic reservation system that is open to ServiceCodester. Version 1.0 of SourceCodeDental Clinic Application contains an injection loophole in SQL, which results from an error in the use of username/password for the parameter in the document/subaccess.php, which may result in SQL injection.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

SourceCodester

Published

2025-11-17

Last Modified

2026-02-24

References

https://vuldb.com/?id.332602 https://github.com/0xffaaa/cve/blob/main/Dental_Clinic_Appointment_Reservation_System_Time-Based_SQL_Injection2.md https://www.sourcecodester.com/ https://vuldb.com/?submit.689450 https://vuldb.com/?ctiid.332602 https://access.redhat.com/security/cve/cve-2025-13267

Share on: