CVE-2025-3210

Name of the Vulnerable Software and Affected Versions code-projects Patient Record Management System versions 1.0 through 3.1

Description A critical issue was found in the Patient Record Management System, affecting some unknown functionality of the file /birthing pending.php. The manipulation of the birth id argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For code-projects Patient Record Management System version 1.0, consider restricting access to the /birthing pending.php file until a patch is available. For code-projects Patient Record Management System version 3.1, avoid using the birth id argument in the affected API endpoint until the issue is resolved. As a temporary workaround, consider disabling the SQL functionality related to the birth id argument in the /birthing pending.php file until a patch is available.