Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
CVE-2026-10184: SourceCodester Hospitals Patient Records Management System SQL Injection
CVE-2026-10184
Summary
A security issue in SourceCodester Hospitals Patient Records Management System 1.0 allows hackers to inject malicious SQL code. This could allow an attacker to access or modify sensitive patient data. We recommend updating to a fixed version of the software or replacing it with a more secure alternative.
Original title
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of ...
Original description
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
5.5
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 31 May 2026 · Updated: 31 May 2026 · First seen: 31 May 2026