SQL Injection Vulnerability in UNIMAX Hospital Information System
CVE-2025-7735

8.7HIGH

Key Information:

Vendor

Unimax

Vendor
CVE Published:
17 July 2025

What is CVE-2025-7735?

The Hospital Information System developed by UNIMAX contains a vulnerability that allows unauthenticated remote attackers to execute arbitrary SQL commands. This flaw facilitates the unauthorized access and extraction of sensitive data from the database, posing significant risks to patient confidentiality and data integrity.

Affected Version(s)

Hospital Information System 0 <= 2024.1.2.1

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-7735 : SQL Injection Vulnerability in UNIMAX Hospital Information System