CVE-2026-10209 – code-projects Online Hospital Management System Appointment appointmentdetail.php sql injection

CVE ID :CVE-2026-10209

Published : June 1, 2026, 2:16 a.m. | 16 minutes ago

Description :A vulnerability has been found in code-projects Online Hospital Management System 1.0. Affected is an unknown function of the file appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-10211 – AstrBotDevs AstrBot fs.py _normalize_rw_path authorization

CVE-2026-10210 – AstrBotDevs AstrBot skill_manager.py _sanitize_prompt_description injection

CVE-2026-10208 – code-projects Online Hospital Management System login_1.php login_user sql injection

CVE-2026-10215 – Dolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorization