CVE-2025-7148 – CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

July 7, 2025

CVE ID : CVE-2025-7148

Published : July 7, 2025, 10:15 p.m. | 29 minutes ago

Description : A vulnerability was found in CodeAstro Simple Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /patient.html of the component POST Parameter Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7149 – Campcodes Advanced Online Voting System SQL Injection Vulnerability

Next Article CVE-2025-7147 – CodeAstro Patient Record Management System SQL Injection

Highlights

CVE-2025-4886 – iSourcecode Sales and Inventory System SQL Injection Vulnerability

May 18, 2025

CVE ID : CVE-2025-4886

Published : May 18, 2025, 4:15 p.m. | 8 hours, 9 minutes ago

Description : A vulnerability classified as critical was found in itsourcecode Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/product_update.php. The manipulation of the argument serial leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

JetBrains updates Junie, Gemini API adds embedding model, and more – Daily News Digest

Cyberpunk 2077 Update 2.3 is bringing more vehicle customization, photo mode options, and one amazing new feature — launching this week

The cheapest place to get my games just got even cheaper — get an extra 10% off while you can

Destiny 2: The Edge of Fate reviews open ‘Mixed’ on Steam, with a player count only a fraction of The Final Shape’s — I’m surprised it’s this low after a new expansion

A rare opportunity is here to get an HP gaming laptop for only $500 — NVIDIA RTX graphics and a 144Hz display at a bargain price

The details of TC39’s last meeting

The details of TC39’s last meeting

Vector Search Embeddings and RAG

Python Meets Power Automate: Trigger via URL

FOSS Weekly #25.29: End of Ubuntu 24.10, AUR Issue, Terminal Tips, Screenshot Editing and More Linux Stuff

FOSS Weekly #25.29: End of Ubuntu 24.10, AUR Issue, Terminal Tips, Screenshot Editing and More Linux Stuff

Cyberpunk 2077 Update 2.3 is bringing more vehicle customization, photo mode options, and one amazing new feature — launching this week

The cheapest place to get my games just got even cheaper — get an extra 10% off while you can

CVE-2025-7148 – CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

CVE-2025-7712 – The Madara WordPress Core Plugin Unvalidated File Deletion Vulnerability

CVE-2025-7735 – UNIMAX Hospital Information System SQL Injection

CVE-2025-4998 – H3C Magic R200G HTTP POST Request Handler Denial of Service Vulnerability

Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers

I changed 10 settings on my Fire TV for better performance and fewer distractions

CVE-2025-53750 – Apache HTTP Server Authentication Bypass

CVE-2025-4886 – iSourcecode Sales and Inventory System SQL Injection Vulnerability

CVE-2025-50263 – Tenda AC6 Buffer Overflow

Introducing Automated Risk Analysis in Relational Migrator

CVE-2025-5620 – D-Link DIR-816 OS Command Injection Vulnerability

CVE-2025-7148 – CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

Related Posts