A vulnerability classified as critical has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid leads to sql injection.
This vulnerability is referenced as CVE-2026-13548. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
