Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Patient Record Management System 1.0: Unauthorized Data Access Risk
CVE-2026-6005
Summary
A security issue has been discovered in the Patient Record Management System 1.0. If an attacker manipulates certain data, they may be able to access sensitive patient information without permission. We recommend updating to the latest version of the software to fix this issue.
Original title
A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument ...
Original description
A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument hem_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 10 Apr 2026 · Updated: 10 Apr 2026 · First seen: 10 Apr 2026