CVE-2025-29640SQL Injection in Human Metapneumovirus Testing Management System

CWE-89SQL Injection3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.1%
top 74.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Anujk305 Human Metapneumovirus Testing Management System
Timeline
PublishedMar 21

Description

Phpgurukul Human Metapneumovirus (HMPV) – Testing Management System v1.0 is vulnerable to SQL Injection in /patient-report.php via the parameter searchdata..

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-989p-xhj8-3ff8: Phpgurukul Human Metapneumovirus (HMPV) – Testing Management System v12025-03-21
CVEList
CVE-2025-29640: Phpgurukul Human Metapneumovirus (HMPV) – Testing Management System v12025-03-21
CVE-2025-29640 — SQL Injection | cvebase