CVE-2026-6006 | code-projects Patient Record Management System 1.0 /edit_hpatient.php ID sql injection

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability identified as critical has been detected in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID leads to sql injection.

This vulnerability is documented as CVE-2026-6006. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-6006 | code-projects Patient Record Management System 1.0 /edit_hpatient.php ID sql injection

Post correlati

CVE-2025-5964 | M-Files Server up to 25.3.14549 API Endpoint path traversal (EUVD-2025-18348)

CVE-2024-26809 | Linux Kernel up to 6.8.1 nft_set_pipapo Privilege Escalation

CVE-2024-13786 | Education Center Plugin up to 3.6.10 on WordPress themerex_callback_view_more_posts deserialization

CVE-2025-10641 | EfficientLab WorkExaminer Professional up to 4.0.0.52001 cleartext transmission