2867 matches found
PT-2026-55764
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A remote SQL injection exists in the /patientorder.php endpoint. The issue occurs when the editid variable is manipulated, allowing an attacker to execute arbitrary SQL commands o...
PT-2026-55779
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A SQL injection flaw exists in the /patientreport.php endpoint. This issue allows a remote attacker to execute unauthorized database queries by manipulating the editid variable. S...
PT-2026-55831
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A SQL injection issue exists in the /paymentdischarge.php endpoint. This occurs when the patientid variable is manipulated, allowing a remote attacker to execute unauthorized...
CVE-2026-14659
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /patientappointment.php. Such manipulation of the argument patiente leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public...
CVE-2026-14659 itsourcecode Hospital Management System patientappointment.php sql injection
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /patientappointment.php. Such manipulation of the argument patiente leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public...
CVE-2026-14659
Summary : CVE-2026-14659 affects itsourcecode Hospital Management System 1.0. The vulnerability is in the /patientappointment.php script, where manipulation of the patiente argument enables SQL injection. This is a network-facing issue with low-priority details reported as proof-of-concept exploi...
CVE-2026-14638
A flaw has been found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /patient.php. This manipulation of the argument editid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2026-14638 itsourcecode Hospital Management System patient.php sql injection
A flaw has been found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /patient.php. This manipulation of the argument editid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
EUVD-2026-41685
A flaw has been found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /patient.php. This manipulation of the argument editid causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2026-14638
Summary of the CVE-2026-14638 : A flaw exists in itsourcecode Hospital Management System 1.0, affecting an unknown function in the file /patient.php. Manipulation of the argument editid enables a possible SQL injection . The attack surface is described as remote, and the exploit has been publishe...
CVE-2026-14619
A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...
CVE-2026-14619 itsourcecode Hospital Management System medicine.php sql injection
A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...
EUVD-2026-41658
A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...
CVE-2026-14619
A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...
CVE-2026-14619
The CVE-2026-14619 entry affects itsourcecode Hospital Management System 1.0, specifically the /medicine.php functionality. The flaw arises in the editid argument, allowing SQL injection in a manner described as remote exploitation. Documents state that the exploit has been published and may be u...
PT-2026-55739
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A remote SQL injection exists in the /patientappointment.php file. This occurs when the patiente argument is manipulated, allowing an attacker to execute arbitrary SQL commands on...
PT-2026-55686
Name of the Vulnerable Software and Affected Versions itsourcecode Hospital Management System version 1.0 Description A flaw in the /medicine.php file allows for remote exploitation via SQL injection. This occurs when the editid variable is manipulated, potentially allowing an attacker to interfe...
CVE-2026-14162
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...
EUVD-2026-40287
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...
CVE-2026-14162
Advantech Hospital Queuing Management is listed under CVE-2026-14162 with a Missing Authentication/Unauthenticated access scenario. The description states a Sensitive Data Exposure where unauthenticated remote attackers can access a URL to obtain API documentation. The connected CVE entry confirm...