Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
CVE-2026-10186: Code-projects Online Hospital Management System 1.0: Patient Data Exposure
CVE-2026-10186
Summary
A vulnerability in the Online Hospital Management System 1.0 allows an attacker to access sensitive patient data. This can happen if an attacker knows how to manipulate certain data inputs. We recommend updating to a fixed version of the software to prevent potential data breaches.
Original title
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipula...
Original description
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
5.5
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 31 May 2026 · Updated: 31 May 2026 · First seen: 31 May 2026