CVE-2026-14703
The CVE concerns itsourcecode Hospital Management System 1.0, where an SQL injection is possible in /patientorder.php via the editid parameter. Root cause: likely unsafely constructed SQL leading to data disclosure or modification. A remote attacker could exploit this (network access) and the att...