CVE-2025-3206

A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Published: Apr 4, 2025
Updated: May 4, 2025
CVE: CVE-2025-3206
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
code-projects / hospital_management_system	1.0	1.0.x

https://code-projects.org/
https://github.com/Lanxiy7th/lx_CVE_report-/issues/19
https://vuldb.com/?ctiid.303160
https://vuldb.com/?id.303160
https://vuldb.com/?submit.545895

Vulnerability Database

291,049

CVE-2025-3206