SQL Injection in Imaster Patient Record Management System
CVE-2025-41004
Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’ through the ‘id’ parameter.
Vulnerability class: SQL Injection
EPSS: 0.003 (19.1th percentile) — read the EPSS interpretation.
Affected products
- Imaster Patient Record Management System — versions All versions