CVE-2026-13530

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
Configurations

No configuration.

History

29 Jun 2026, 04:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-29 04:16

Updated : 2026-06-30 18:16


NVD link : CVE-2026-13530

Mitre link : CVE-2026-13530

CVE.ORG link : CVE-2026-13530


JSON object : View

Products Affected

No product.

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')