CNNVD-202512-473 Information
CNNVD ID
CNNVD-202512-473
Related CVE
- CNNVD Published: 2025-12-04
Description (Chinese)
Mayurik dawa-pharma是Mayurik开源的一个药房管理系统。 Mayurik dawa-pharma 1.0版本存在SQL注入漏洞,该漏洞源于未经验证的攻击者可执行SQL查询,可能导致敏感信息泄露和获取管理员权限。
Description (English)
Mayurik dawa-parma is a pharmacy management system for Mayurik ’ s open source. Version 1.0 of Mayurik dawa-parma contains an injection loophole in SQL, which stems from the fact that uncertified assailants can execute SQL queries, which may lead to the disclosure of sensitive information and access to administrator privileges.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
Mayurik
Published
2025-12-04
Last Modified
2026-02-24
References
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2022/dawa-pharma-1.0-2022 https://www.exploit-db.com/exploits/51818 https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download https://www.nu11secur1ty.com/ https://www.vulncheck.com/advisories/dawa-pharma-10-sql-injection-via-email-parameter
Share on: