CVE 9.8 CRITICAL

CVE-2025-64081_CVE-2025-64081

December 8, 2025 invoker category_cve
9.8 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter.

AI Analysis

SQL injection vulnerability allowing execution of arbitrary SQL commands

Basic Information

ID CVE-2025-64081
Source mitre
Published Dec 8, 2025 at 00:00
Modified Dec 8, 2025 at 21:18

Affected Product

Vendor SourceCodester
Product Patients Waiting Area Queue Management System
Version v1
Affected Versions n/a n/a n/a

CWE Classification

CWE-89

AI Assessment

AI Score 9.8 / 10
AI Severity Critical
Vendor SourceCodester
Product Patients Waiting Area Queue Management System
Version v1

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.