CVE-2025-13122 | SourceCodester Patients Waiting Area Queue Management System 1.0 api_patient_checkin.php getPatientAppointment appointmentID sql injection

A vulnerability has been found in SourceCodester Patients Waiting Area Queue Management System 1.0 and classified as critical. The affected element is the function getPatientAppointment of the file /php/api_patient_checkin.php. Performing manipulation of the argument appointmentID results in sql injection.

This vulnerability is cataloged as CVE-2025-13122. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More