2196 matches found
EUVD-2026-41786
A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-14774
The vulnerability CVE-2026-14774 affects itsourcecode Hospital Management System 1.0. The issue lies in the file /paymentdischarge.php, where manipulation of the argument patientid leads to a SQL injection. Access may be remote, and the exploit has been publicly disclosed and may be used. The ava...
CVE-2026-14773 itsourcecode Hospital Management System payment.php sql injection
A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-14731 itsourcecode Hospital Management System patientreport.php sql injection
A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...
CVE-2026-14730 itsourcecode Hospital Management System patientprofile.php sql injection
A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of the argument patientname results in sql injection. The attack can be initiated remotely. The explo...
CVE-2026-14717 itsourcecode Hospital Management System patientlogin.php sql injection
A vulnerability was detected in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /patientlogin.php. Performing a manipulation of the argument loginid results in sql injection. Remote exploitation of the attack is possible. The exploit is now...
CVE-2026-14703
The CVE concerns itsourcecode Hospital Management System 1.0, where an SQL injection is possible in /patientorder.php via the editid parameter. Root cause: likely unsafely constructed SQL leading to data disclosure or modification. A remote attacker could exploit this (network access) and the att...
EUVD-2026-41710
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...
CVE-2026-14688 itsourcecode Online Hotel Management System login.php sql injection
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and...
CVE-2026-14688
CVE-2026-14688 affects itsourcecode Online Hotel Management System 1.0. The vulnerability is SQL injection in an unknown function of /admin/login.php triggered by manipulating the email parameter. Exploitation can be remote and publicly available proofs-of-concept exist. Impact metrics indicate l...
PT-2026-55750
Name of the Vulnerable Software and Affected Versions itsourcecode Online Hotel Management System version 1.0 Description A remote SQL injection is possible via the manipulation of the email argument within an unknown function of the '/admin/login.php' endpoint. SQL injection is a technique where...
CVE-2026-14659
Summary : CVE-2026-14659 affects itsourcecode Hospital Management System 1.0. The vulnerability is in the /patientappointment.php script, where manipulation of the patiente argument enables SQL injection. This is a network-facing issue with low-priority details reported as proof-of-concept exploi...
CVE-2026-14659 itsourcecode Hospital Management System patientappointment.php sql injection
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /patientappointment.php. Such manipulation of the argument patiente leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public...
CVE-2026-14638
Summary of the CVE-2026-14638 : A flaw exists in itsourcecode Hospital Management System 1.0, affecting an unknown function in the file /patient.php. Manipulation of the argument editid enables a possible SQL injection . The attack surface is described as remote, and the exploit has been publishe...
CVE-2026-14619 itsourcecode Hospital Management System medicine.php sql injection
A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...
CVE-2026-14619
The CVE-2026-14619 entry affects itsourcecode Hospital Management System 1.0, specifically the /medicine.php functionality. The flaw arises in the editid argument, allowing SQL injection in a manner described as remote exploitation. Documents state that the exploit has been published and may be u...
CVE-2026-13579 itsourcecode Hospital Management System patientchangepassword.php sql injection
A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be launched remotely. The...
CVE-2026-13578
CVE-2026-13578 affects itsourcecode Hospital Management System 1.0. The vulnerability is an SQL injection in the file /patientdetail.php triggered by manipulating the editid parameter. Attack vector is network-based with low complexity and no user interaction required; privileges appear to be low...
CVE-2026-13572 itsourcecode Hospital Management System insertbillingrecord.php sql injection
A vulnerability has been found in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /insertbillingrecord.php. The manipulation of the argument patientid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-13572
A vulnerability has been found in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /insertbillingrecord.php. The manipulation of the argument patientid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...