CVE-2026-13520 | itsourcecode Hospital Management System 1.0 Appointment /appointmentapproval.php editid sql injection

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability classified as critical has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This manipulation of the argument editid causes sql injection.

This vulnerability is tracked as CVE-2026-13520. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-13520 | itsourcecode Hospital Management System 1.0 Appointment /appointmentapproval.php editid sql injection

Post correlati

CVE-2025-23887 | Scott Allan Wallick Blog Summary Plugin up to 0.1.2 β on WordPress cross site scripting

CVE-2024-25630 | Cilium up to 1.14.6 CRD missing encryption (GHSA-7496-fgv9-xw82)

CVE-2024-39723 | IBM Storage Virtualize 8.6 USB Port unknown vulnerability (XFDB-295935)

CVE-2025-69081 | ThemeREX Group Hope Plugin up to 3.0.0 on WordPress filename control