Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Patient Record Management System 1.0: Malicious Data Injection Risk
CVE-2026-6006
Summary
A security flaw in Patient Record Management System 1.0 allows hackers to potentially inject malicious data into the system. This could compromise sensitive patient information. Update the software to the latest version to prevent unauthorized access.
Original title
A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID...
Original description
A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026