Submit #769579: SourceCodester Patients Waiting Area Queue Management System 1 SQL Injection

Title: SourceCodester Patients Waiting Area Queue Management System 1 SQL Injection
Description: A SQL Injection vulnerability exists in the appointmentID parameter of the api_patient_checkin.php endpoint in the Patient Queue Management System (PQMS). The application fails to properly sanitize user input before incorporating it into SQL queries. An attacker can exploit this vulnerability to execute arbitrary SQL commands against a MySQL backend, potentially leading to database disclosure, modification, or complete compromise.
Source: ⚠️ https://medium.com/@rvpipalwa/sql-injection-vulnerability-in-appointment-check-in-endpoint-patient-queue-management-system-cb6d32c08382
User: rvpipalwa (UID 93501)
Submission: 28/02/2026 11:23 (2 months ago)
Moderation: 08/03/2026 18:48 (8 days later)
Status: Duplicate
VulDB entry: 332350 [SourceCodester Patients Waiting Area Queue Management System 1.0 api_patient_checkin.php getPatientAppointment appointmentID SQL Injection]
Points: 0
