Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/01/19 9:2 a.m.23 views

CVE-2026-1147 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System api_patient_schedule.php cross site scripting

A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/apipatientschedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the attac...

5.1CVSS0.00236EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/16 11:2 a.m.11 views

CVE-2025-13248 SourceCodester Patients Waiting Area Queue Management System api_patient_schedule.php sql injection

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/apipatientschedule.php. This manipulation of the argument appointmentID causes sql injection. The attack can be initiated remotely. The...

7.5CVSS0.00335EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/16 11:2 a.m.4 views

CVE-2025-13248 SourceCodester Patients Waiting Area Queue Management System api_patient_schedule.php sql injection

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/apipatientschedule.php. This manipulation of the argument appointmentID causes sql injection. The attack can be initiated remotely. The...

7.5CVSS7.2AI score0.00335EPSS
Exploits1References5
CVE
CVE
added 2025/11/16 11:2 a.m.13 views

CVE-2025-13248

CVE-2025-13248 affects SourceCodester Patients Waiting Area Queue Management System 1.0. The vulnerability is a SQL injection in an unknown function of the file /php/api_patient_schedule.php caused by manipulating the argument appointmentID . This can be triggered remotely and, per sources, the e...

9.8CVSS7.2AI score0.00335EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/11/07 6:30 p.m.5 views

EUVD-2025-38258

A SQL injection vulnerability exists in the SourceCodester PQMS Patient Queue Management System 1.0 in the apipatientschedule.php endpoint. The appointmentID parameter is not properly sanitized, allowing attackers to execute arbitrary SQL commands...

7.9AI score0.00215EPSS
Exploits1References3
CVE
CVE
added 2025/11/07 12:0 a.m.13 views

CVE-2025-63718

The CVE-2025-63718 entry describes a SQL injection in SourceCodester PQMS 1.0 at api_patient_schedule.php, where the appointmentID parameter is not properly sanitized, enabling arbitrary SQL commands. This is evidenced across multiple connected sources (e.g., Red Hat, EUVD, NVD/CVE records, CNVD,...

6.5CVSS8.1AI score0.00215EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder