CVE-2025-7148 – CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

July 7, 2025

CVE ID : CVE-2025-7148

Published : July 7, 2025, 10:15 p.m. | 29 minutes ago

Description : A vulnerability was found in CodeAstro Simple Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /patient.html of the component POST Parameter Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7149 – Campcodes Advanced Online Voting System SQL Injection Vulnerability

Next Article CVE-2025-7147 – CodeAstro Patient Record Management System SQL Injection

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Got ChatGPT Plus? You can record and summarize meetings on a Mac now – here’s how

I put this buzzworthy 2-in-1 robot vacuum to work in my house – here’s how it fared

AI agents will change work and society in internet-sized ways, says AWS VP

This slick gadget is like a Swiss Army Knife for my keys (and fully trackable)

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

Microsoft says it won’t change Windows 11’s system tray design after users feedback

Microsoft says it won’t change Windows 11’s system tray design after users feedback

How Rust’s Debut in the Linux Kernel is Shoring Up System Stability

Microsoft is on track to become the second $4 trillion company by market cap, following NVIDIA — and mass layoffs

CVE-2025-7148 – CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Raycast for Windows (Beta) first-look with clipboard upgrades, AI, and third-party extensions

CVE-2025-42996 – SAP MDM Server Session Hijacking Vulnerability

CVE-2025-23164 – Unifi Protect Permanent Livestream Access Token Vulnerability

CVE-2024-41195 – Ocuco Innovation INNOVASERVICEINTF.EXE Privilege Escalation Remote Authentication Bypass

CVE-2025-4528 – Dígitro NGC Explorer Remote Session Expiration Vulnerability

CVE-2025-52725 – CouponXxL PEBAS Object Injection Vulnerability

CVE-2025-2773 – BEC Technologies Multiple Routers TCP Port 22 Command Injection Remote Code Execution Vulnerability

Training Llama 3.3 Swallow: A Japanese sovereign LLM on Amazon SageMaker HyperPod

CVE-2025-7148 – CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

Related Posts