CVE-2025-64081
- EPSS 0.35%
- Veröffentlicht 08.12.2025 00:00:00
- Zuletzt bearbeitet 08.12.2025 22:15:52
SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter.
CVE-2025-13248
- EPSS 0.34%
- Veröffentlicht 16.11.2025 11:15:43
- Zuletzt bearbeitet 29.04.2026 01:00:01
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/api_patient_schedule.php. This manipulation of the argument appointmentID causes sql inje...
CVE-2025-13122
- EPSS 0.38%
- Veröffentlicht 13.11.2025 18:02:05
- Zuletzt bearbeitet 29.04.2026 01:00:01
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/api_patient_checkin.php. Performing manipulation of the argument appointment...
CVE-2025-63718
- EPSS 0.22%
- Veröffentlicht 07.11.2025 00:00:00
- Zuletzt bearbeitet 17.11.2025 18:38:45
A SQL injection vulnerability exists in the SourceCodester PQMS (Patient Queue Management System) 1.0 in the api_patient_schedule.php endpoint. The appointmentID parameter is not properly sanitized, allowing attackers to execute arbitrary SQL command...