CVE-2025-64081
- EPSS 0.06%
- Veröffentlicht 08.12.2025 00:00:00
- Zuletzt bearbeitet 08.12.2025 22:15:52
SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter.
CVE-2025-13248
- EPSS 0.05%
- Veröffentlicht 16.11.2025 11:15:43
- Zuletzt bearbeitet 11.12.2025 16:56:14
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/api_patient_schedule.php. This manipulation of the argument appointmentID causes sql inje...
CVE-2025-13122
- EPSS 0.02%
- Veröffentlicht 13.11.2025 18:02:05
- Zuletzt bearbeitet 17.11.2025 12:30:18
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/api_patient_checkin.php. Performing manipulation of the argument appointment...
CVE-2025-63718
- EPSS 0.03%
- Veröffentlicht 07.11.2025 00:00:00
- Zuletzt bearbeitet 17.11.2025 18:38:45
A SQL injection vulnerability exists in the SourceCodester PQMS (Patient Queue Management System) 1.0 in the api_patient_schedule.php endpoint. The appointmentID parameter is not properly sanitized, allowing attackers to execute arbitrary SQL command...