CVE-2026-4617

The CVE-2026-4617 entry concerns SourceCodester Patients Waiting Area Queue Management System 1.0. The vulnerability affects the Patient Check-In Module, specifically the ValidateToken function in /php/api_patient_checkin.php. A manipulated token can cause improper authorization, and exploitation...

CVE-2026-2149

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patientid results in cross site scripting. It is possible to...

CVE-2025-64081

SQL injection vulnerability in /php/apipatientschedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter...

CVE-2025-13248

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/apipatientschedule.php. This manipulation of the argument appointmentID causes sql injection. The attack can be initiated remotely. The...

CVE-2025-13122

A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/apipatientcheckin.php. Performing manipulation of the argument appointmentID results in sql injection. It is possible to...