CVE-2026-13548

A vulnerability was identified in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /doctortimings.php. The manipulation of the argument editid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Configurations

No configuration.

History

29 Jun 2026, 09:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-29 09:16

Updated : 2026-06-30 18:16


NVD link : CVE-2026-13548

Mitre link : CVE-2026-13548

CVE.ORG link : CVE-2026-13548


JSON object : View

Products Affected

No product.

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')