CVE-2025-6768 | sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8 HospitalServiceImpl.java findAllHosByCondition hospitalName sql injection (Issue 110)

A vulnerability classified as critical has been found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. Affected is the function findAllHosByCondition of the file HospitalServiceImpl.java. The manipulation of the argument hospitalName leads to sql injection.

This vulnerability is traded as CVE-2025-6768. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.VulDB Recent EntriesRead More