CVE-2025-4818 | SourceCodester Doctor’s Appointment System 1.0 GET Parameter /admin/delete-doctor.php ID sql injection

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in SourceCodester Doctor’s Appointment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/delete-doctor.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection.

The identification of this vulnerability is CVE-2025-4818. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4818 | SourceCodester Doctor’s Appointment System 1.0 GET Parameter /admin/delete-doctor.php ID sql injection

Post correlati

CVE-2024-38683 | iThemelandCo WooCommerce Report Plugin up to 1.4.5 on WordPress cross site scripting

CVE-2025-48734 | Apache Commons BeanUtils up to 1.10.x/2.0.0-/1 org.apache.commons getProperty access control

CVE-2024-11747 | Responsive Videos Plugin up to 2.1 on WordPress cross site scripting

CVE-2025-22757 | CodeBard Help Desk Plugin up to 1.1.2 on WordPress cross site scripting