CVE-2025-4021 | code-projects Patient Record Management System 1.0 /edit_spatient.php ID sql injection

Inserito da Angelo Barbosa | Apr 27, 2025 | CVE

A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit_spatient.php. The manipulation of the argument ID leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-4021. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4021 | code-projects Patient Record Management System 1.0 /edit_spatient.php ID sql injection

Post correlati

CVE-2023-41623 | Emlog 2.1.14 /admin/media.php uid sql injection

CVE-2024-45612 | Contao CMS up to 4.13.48/5.3.14/5.4.2 Canonical Tag input validation

CVE-2024-45047 | sveltejs svelte up to 4.2.18 cross site scripting (GHSA-8266-84wp-wv5c)

CVE-2024-48202 | IceCMS up to 3.4.7 FileUtils.java unrestricted upload