CVE-2026-2149 | SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0 /appointments.php patient_id cross site scripting

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability, which was classified as problematic, was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patient_id results in cross site scripting.

This vulnerability is known as CVE-2026-2149. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-2149 | SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0 /appointments.php patient_id cross site scripting

Post correlati

CVE-2025-8772 | Vinades NukeViet up to 4.5.06 Module index.php?language=en&nv=upload server-side request forgery

CVE-2025-12123 | Customer Reviews Collector for WooCommerce Plugin up to 4.6.1 on WordPress text cross site scripting

CVE-2024-51721 | BlackBerry SecuSUITE up to 5.0.420 Web Administration Portal link following

CVE-2024-27380 | Samsung Exynos 1330 slsi_set_delayed_wakeup_type heap-based overflow