CVE Details
Basic Information
| Title |
SourceCodester Health Center Patient Record Management System admin.php sql injection |
| Type |
cve |
| Published |
2025-05-31T08:00:11.607Z |
| Last Seen |
|
Product Information
| Vendor |
SourceCodester |
| Product |
Health Center Patient Record Management System |
| Version |
1.0 |
CVSS Information
| Base Score |
6.9 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A critical SQL injection vulnerability exists in the admin.php file of the Health Center Patient Record Management System 1.0 by SourceCodester. The vulnerability allows remote attackers to inject malicious SQL queries via the Username parameter, potentially compromising the system’s database. The exploit has been publicly disclosed and may be actively used. |
| AI Severity |
High |
| Vendor |
SourceCodester |
| Product |
Health Center Patient Record Management System |
| Affected Version |
1.0 |
Additional Information
| CVE List |
|
| CWE List |
CWE-89, CWE-74 |
| Bulletin Family |
|
| Source Data |
SourceCodester Health Center Patient Record Management System 1.0 |
Source Information
| Source Data |
SourceCodester Health Center Patient Record Management System 1.0 |
| Source Link |
|
Description
A vulnerability, which was classified as critical, has been found in SourceCodester Health Center Patient Record Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/admin.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
View Full CVE Details
