Unknown · Patient Record Management System · CVE-2025-7754
**Name of the Vulnerable Software and Affected Versions**
Patient Record Management System version 1.0
**Description**
A critical issue exists in the Patient Record Management System. The vulnerability is due to SQL injection within the `/xray form.php` file. Manipulation of the `itr no` argument can lead to exploitation. The exploit has been publicly disclosed and may be used to initiate attacks remotely.
**Recommendations**
Patient Record Management System version 1.0: Sanitize or validate the `itr no` argument to prevent SQL injection.