CVE-2026-13541 | itsourcecode Hospital Management System 1.0 doctorchangepassword.php newpassword sql injection

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability was found in itsourcecode Hospital Management System 1.0. It has been declared as critical. This impacts an unknown function of the file /doctorchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection.

This vulnerability appears as CVE-2026-13541. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-13541 | itsourcecode Hospital Management System 1.0 doctorchangepassword.php newpassword sql injection

Post correlati

CVE-2026-49938 | Fortinet FortiPortal up to 7.0.14/7.2.8/7.4.7 access control (FG-IR-26-140)

CVE-2024-36673 | SourceCodester Pharmacy Medical Store Point of Sale System 1.0 password sql injection (Issue 39)

CVE-2026-9778 | ATEN Unizon 2.7.262.002 ImportDeviceList path traversal (ZDI-26-382)

CVE-2026-48914 | QEMU virtio-blk Device heap-based overflow