A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /appointment.php. The manipulation of the argument patient leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://github.com/mysq13/CVE/issues/2 | Exploit Issue Tracking Third Party Advisory |
| https://github.com/mysq13/CVE/issues/2 | Exploit Issue Tracking Third Party Advisory |
| https://vuldb.com/?ctiid.311233 | Permissions Required VDB Entry |
| https://vuldb.com/?id.311233 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.590530 | Third Party Advisory VDB Entry |
| https://www.sourcecodester.com/ | Product |
Configurations
Configuration 1 (hide)
|
History
10 Jun 2025, 15:46
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:nikhil-bhalerao:open_source_clinic_management_system:1.0:*:*:*:*:*:*:* | |
| First Time |
Nikhil-bhalerao open Source Clinic Management System
Nikhil-bhalerao |
|
| References | () https://github.com/mysq13/CVE/issues/2 - Exploit, Issue Tracking, Third Party Advisory | |
| References | () https://www.sourcecodester.com/ - Product | |
| References | () https://vuldb.com/?submit.590530 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?id.311233 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?ctiid.311233 - Permissions Required, VDB Entry |
09 Jun 2025, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-74 |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
06 Jun 2025, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-06-06 03:15
Updated : 2025-06-10 15:46
NVD link : CVE-2025-5712
Mitre link : CVE-2025-5712
JSON object : View
Products Affected
nikhil-bhalerao
- open_source_clinic_management_system
CWE
No CWE.