{"id":7752,"date":"2025-07-07T17:15:55","date_gmt":"2025-07-07T17:15:55","guid":{"rendered":"http:\/\/localhost\/?p=7752"},"modified":"2025-07-07T17:15:55","modified_gmt":"2025-07-07T17:15:55","slug":"codeastro-patient-record-management-system-loginphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7752","title":{"rendered":"CodeAstro Patient Record Management System login.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nCodeAstro Patient Record Management System login.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-07T21:02:06.728Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-07T21:02:06.728Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nCodeAstro<\/td>\n<\/tr>\n
Product<\/th>\nPatient Record Management System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA SQL injection vulnerability in the login.php file of CodeAstro Patient Record Management System version 1.0 allows remote attackers to inject malicious SQL code via the uname argument. This vulnerability is critical as it can lead to unauthorized access to sensitive patient data.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
AI Vendor<\/th>\nCodeAstro<\/td>\n<\/tr>\n
AI Product<\/th>\nPatient Record Management System<\/td>\n<\/tr>\n
AI Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n