{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/hospitals-patient-records-management-system-1.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Hospitals Patient Records Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2026-9356","web-application"],"_cs_type":"advisory","_cs_vendors":["SourceCodester"],"content_html":"\u003cp\u003eA SQL injection vulnerability, identified as CVE-2026-9356, has been discovered in SourceCodester Hospitals Patient Records Management System version 1.0. The vulnerability resides in the \u003ccode\u003e/admin/patients/manage_history.php\u003c/code\u003e file and is triggered by manipulating the \u003ccode\u003eID\u003c/code\u003e argument. An attacker can exploit this vulnerability remotely to inject malicious SQL queries into the application. Publicly available exploits exist, increasing the risk of exploitation. This vulnerability can allow an attacker to potentially read, modify, or delete sensitive patient data within the database. Successful exploitation could lead to unauthorized access to personal health information, compromising patient privacy and the integrity of the hospital\u0026rsquo;s data.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a vulnerable instance of SourceCodester Hospitals Patient Records Management System 1.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting \u003ccode\u003e/admin/patients/manage_history.php\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker injects SQL code into the \u003ccode\u003eID\u003c/code\u003e parameter of the HTTP request.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize or validate the input provided in the \u003ccode\u003eID\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe injected SQL code is executed against the application\u0026rsquo;s database.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to sensitive data, such as patient records, usernames, and passwords.\u003c/li\u003e\n\u003cli\u003eThe attacker may modify or delete data, potentially disrupting hospital operations.\u003c/li\u003e\n\u003cli\u003eThe attacker can potentially use the compromised database to pivot to other systems on the network.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-9356 can lead to unauthorized access to and modification of sensitive patient data. This could result in a breach of patient privacy, financial losses due to regulatory fines, and reputational damage for the affected hospital. Given the potential for data exfiltration and manipulation, the impact is considered significant. There are no specifics on observed victim counts or target sectors beyond healthcare, but successful attacks would cause data breaches and regulatory action.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply available patches or updates from SourceCodester to address CVE-2026-9356 in Hospitals Patient Records Management System 1.0.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2026-9356 Exploitation Attempt via SQL Injection\u0026rdquo; to your SIEM to identify exploitation attempts targeting \u003ccode\u003e/admin/patients/manage_history.php\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization measures on the \u003ccode\u003eID\u003c/code\u003e parameter in \u003ccode\u003e/admin/patients/manage_history.php\u003c/code\u003e to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious activity, such as unusual characters or SQL keywords in the \u003ccode\u003eID\u003c/code\u003e parameter, using a log monitoring system.\u003c/li\u003e\n\u003cli\u003eApply the Sigma rule \u0026ldquo;Detect Generic SQL Injection in URI Query\u0026rdquo; to detect general SQL injection attempts across the web server.\u003c/li\u003e\n\u003cli\u003eImplement a web application firewall (WAF) to filter out malicious requests and protect against SQL injection attacks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T13:45:19Z","date_published":"2026-05-26T13:45:19Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9356-sql-injection/","summary":"A SQL injection vulnerability exists in SourceCodester Hospitals Patient Records Management System 1.0 within the /admin/patients/manage_history.php file, where manipulation of the ID argument can lead to remote exploitation.","title":"CVE-2026-9356: SourceCodester Hospitals Patient Records Management System SQL Injection","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9356-sql-injection/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-9355"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Hospitals Patient Records Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2026-9355","web-application"],"_cs_type":"advisory","_cs_vendors":["SourceCodester"],"content_html":"\u003cp\u003eSourceCodester Hospitals Patient Records Management System 1.0 is vulnerable to SQL injection. The vulnerability, identified as CVE-2026-9355, resides in the \u003ccode\u003e/classes/Master.php?f=save_patient_history\u003c/code\u003e file.  A remote attacker can exploit this vulnerability by manipulating the \u003ccode\u003eID\u003c/code\u003e argument in a request.  The vulnerability allows for the execution of arbitrary SQL commands. Public exploit code is available. This vulnerability poses a significant risk to organizations using the affected software, potentially leading to data breaches, data manipulation, and unauthorized access to sensitive patient information.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable instance of SourceCodester Hospitals Patient Records Management System 1.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/classes/Master.php?f=save_patient_history\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe attacker injects SQL code into the \u003ccode\u003eID\u003c/code\u003e parameter of the HTTP request.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize the input, passing the malicious SQL code to the database.\u003c/li\u003e\n\u003cli\u003eThe database executes the injected SQL code.\u003c/li\u003e\n\u003cli\u003eThe attacker retrieves sensitive data from the database, such as patient records or administrative credentials.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the retrieved credentials to gain unauthorized access to the application.\u003c/li\u003e\n\u003cli\u003eThe attacker modifies, deletes, or exfiltrates patient data, causing significant damage to the organization.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability (CVE-2026-9355) in SourceCodester Hospitals Patient Records Management System 1.0 can lead to unauthorized access to sensitive patient data, including personal information, medical history, and financial details. This can result in data breaches, regulatory fines, reputational damage, and potential legal liabilities. The vulnerability allows attackers to read, modify, or delete data, potentially affecting a large number of patients.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply input validation and sanitization to the \u003ccode\u003eID\u003c/code\u003e parameter in \u003ccode\u003e/classes/Master.php?f=save_patient_history\u003c/code\u003e to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2026-9355 Exploitation Attempt\u0026rdquo; to detect malicious requests targeting the vulnerable endpoint.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious activity, such as SQL injection attempts targeting \u003ccode\u003e/classes/Master.php?f=save_patient_history\u003c/code\u003e, using the \u0026ldquo;Detect CVE-2026-9355 Exploitation Attempt\u0026rdquo; Sigma rule.\u003c/li\u003e\n\u003cli\u003eImplement a web application firewall (WAF) to filter out malicious requests targeting the vulnerable endpoint.\u003c/li\u003e\n\u003cli\u003eUpdate the SourceCodester Hospitals Patient Records Management System to a patched version as soon as it becomes available.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T13:44:58Z","date_published":"2026-05-26T13:44:58Z","id":"https://feed.craftedsignal.io/briefs/2026-05-sourcecodester-sqli/","summary":"SourceCodester Hospitals Patient Records Management System version 1.0 is vulnerable to SQL injection (CVE-2026-9355) via the ID parameter in the /classes/Master.php?f=save_patient_history endpoint, allowing a remote attacker to execute arbitrary SQL queries.","title":"SourceCodester Hospitals Patient Records Management System SQL Injection Vulnerability (CVE-2026-9355)","url":"https://feed.craftedsignal.io/briefs/2026-05-sourcecodester-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Hospitals Patient Records Management System 1.0","version":"https://jsonfeed.org/version/1.1"}