CNNVD-202512-886 Information
CNNVD ID
CNNVD-202512-886
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
SourceCodester Patients Waiting Area Queue Management System是SourceCodester开源的一个病人候诊区排队管理系统。 SourceCodester Patients Waiting Area Queue Management System v1版本存在SQL注入漏洞,该漏洞源于/php/api_patient_schedule.php文件中参数appointmentID未经验证,可能导致SQL注入。
Description (English)
ServiceCodester Patients Waiting Area Queue Management System is a waiting area management system for patients from the Open Source of ServiceCodester. The source of the SQL injection loophole in the version SQL version of SourceCodesterPatients Waiting Area Queue Management System v1, which originated in/php/api patient schedule.php file parametersAppintmentID was not validated, which could lead to SQL injections.
Hazard Level
Low
Vulnerability Type
SQL注入
Affected Vendor
SourceCodester
Published
2025-12-08
Last Modified
2026-02-24
References
https://packetstorm.news/files/id/211592 https://www.sourcecodester.com/php/18348/patients-waiting-area-queue-management-system.html https://access.redhat.com/security/cve/cve-2025-64081
Patch
https://www.sourcecodester.com/php/18348/patients-waiting-area-queue-management-system.html
Share on: