6 matches found
CVE-2026-4617 SourceCodester Patients Waiting Area Queue Management System Patient Check-In api_patient_checkin.php ValidateToken improper authorization
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...
CVE-2026-4617
A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/apipatientcheckin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It i...
CVE-2026-4617
The CVE-2026-4617 entry concerns SourceCodester Patients Waiting Area Queue Management System 1.0. The vulnerability affects the Patient Check-In Module, specifically the ValidateToken function in /php/api_patient_checkin.php. A manipulated token can cause improper authorization, and exploitation...
SourceCodester Patients Waiting Area Queue Management System 授权问题漏洞
The SourceCodester Patients Waiting Area Queue Management System is an open-source system developed by SourceCodester for managing patient waiting queues. Version 1.0 of the SourceCodester Patients Waiting Area Queue Management System contains a vulnerability related to authorization issues. This...
EUVD-2025-175342
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...
CVE-2025-13122 SourceCodester Patients Waiting Area Queue Management System api_patient_checkin.php getPatientAppointment sql injection
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...