CVE-2025-63718

Medium CVSS: 6.5

A SQL injection vulnerability exists in the SourceCodester PQMS (Patient Queue Management System) 1.0 in the api_patient_schedule.php endpoint. The appointmentID parameter is not properly sanitized, allowing attackers to execute arbitrary SQL commands.

Vendor

Pamzey

Product

Patients Waiting Area Queue Management System

CWE

CWE-89

Yayın Tarihi

2025-11-07 18:15:36

Güncelleme

2025-11-17 18:38:45

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Patients Waiting Area Queue Management System MEDIUM Pamzey 2025

Referanslar

https://github.com/floccocam-cpu/CVE-Research-2025/blob/main/CVE-2025-63718/README8.md https://www.sourcecodester.com/php/18348/patients-waiting-area-queue-management-system.html

Benzer Kayıtlar

Medium

CVE-2026-3817

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects som…

Medium

CVE-2026-3724

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unkn…

Medium

CVE-2026-3171

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by thi…

Medium

CVE-2026-3170

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected…

Medium

CVE-2026-2154

A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impact…

Medium

CVE-2026-2150

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by thi…