CVE-2025-4818 | SourceCodester Doctor’s Appointment System 1.0 GET Parameter /admin/delete-doctor.php ID sql injection

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in SourceCodester Doctor’s Appointment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/delete-doctor.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection.

The identification of this vulnerability is CVE-2025-4818. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4818 | SourceCodester Doctor’s Appointment System 1.0 GET Parameter /admin/delete-doctor.php ID sql injection

Post correlati

CVE-2024-6945 | Flute CMS 0.2.2.4-alpha Avatar Upload Page ImagesController.php avatar unrestricted upload

CVE-2025-21392 | Microsoft Office use after free

CVE-2025-23600 | pinal.shah Send to a Friend Addon Plugin up to 1.4.1 on WordPress cross site scripting

CVE-2024-45567 | Qualcomm Snapdragon Compute FastConnect 6900 up to WSA8832 JPEG Encoding use after free