CNNVD-202511-929 Information

CNNVD ID

CNNVD-202511-929

Related CVE

CVE-2025-63497

• CNNVD Published: 2025-11-10

Description (Chinese)

Hospital Management System是Pon Aravind Boominathan个人开发者的一个医院管理软件。 Hospital Management System 1.0版本存在安全漏洞，该漏洞源于文件his_doc_view_single_patient.php中GET参数pat_number未正确清理，可能导致SQL注入攻击。

Description (English)

Hospital Management System is a hospital management software for Pon Aravind Boominathan personal developers. There is a security loophole in version 1.0 of Hospital Management System, which stems from the incorrect clean-up of the GET parameter Pat number in document His doc view single patient.php, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-10

Last Modified

2026-02-24

References

https://github.com/cristibtz/security-research/blob/main/CVE-2025-63497/report.md https://github.com/cristibtz/security-research/tree/main/rickxy-Hospital-Management-System https://access.redhat.com/security/cve/cve-2025-63497