CVE-2025-7540 | code-projects Online Appointment Booking System 1.0 /getclinic.php townid sql injection

Inserito da Angelo Barbosa | Lug 12, 2025 | CVE

A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /getclinic.php. The manipulation of the argument townid leads to sql injection.

This vulnerability is traded as CVE-2025-7540. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2025-7540 | code-projects Online Appointment Booking System 1.0 /getclinic.php townid sql injection

Post correlati

CVE-2024-26590 | Linux Kernel up to 5.15/6.6.13/6.7.1 sbi->available_compr_algs null pointer dereference (118a8cf504d7/823ba1d21060/eed24b816e50)

CVE-2025-25896 | D-Link DSL-3782 1.01 Packet destination/netmask/gateway denial of service

CVE-2024-6447 | FULL Plugin up to 3.1.12 on WordPress Parameter License Plan cross site scripting

CVE-2024-31369 | PenciDesign Soledad Plugin up to 8.4.2 on WordPress cross-site request forgery