Product

Hospitals Patient Records Management System 1.0

2 briefs RSS

CVE-2026-9356: SourceCodester Hospitals Patient Records Management System SQL Injection

A SQL injection vulnerability exists in SourceCodester Hospitals Patient Records Management System 1.0 within the /admin/patients/manage_history.php file, where manipulation of the ID argument can lead to remote exploitation.

Hospitals Patient Records Management System 1.0 sql-injection cve-2026-9356 web-application

2r 1t 1h ago

high advisory

SourceCodester Hospitals Patient Records Management System SQL Injection Vulnerability (CVE-2026-9355)

2 rules 1 TTP 1 CVE

SourceCodester Hospitals Patient Records Management System version 1.0 is vulnerable to SQL injection (CVE-2026-9355) via the ID parameter in the /classes/Master.php?f=save_patient_history endpoint, allowing a remote attacker to execute arbitrary SQL queries.

Hospitals Patient Records Management System 1.0 sql-injection cve-2026-9355 web-application

2r 1t 1c 1h ago