ГлавнаяУязвимости → CVE-2025-64081
9.8критическая

CVE-2025-64081

Описание

SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter.

Затрагиваемое ПО
Pamzey Patients waiting area queue management system
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://packetstorm.news/files/id/211592https://www.sourcecodester.com/php/18348/patients-waiting-area-queue-management-system.html