SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System appointments.php cross...

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patient_id results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.

Basic Information

ID CVE-2026-2149

Source VulDB

Published Feb 8, 2026 at 11:02

Affected Product

Vendor SourceCodester

Product Patients Waiting Area Queue Management System

Version 1.0

Affected Versions SourceCodester Patients Waiting Area Queue Management System 1.0
Patrick Mvuma Patients Waiting Area Queue Management System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patient_id results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.",
    "published": "2026-02-08T11:02:07.036Z",
    "modified": "2026-02-08T11:02:07.036Z",
    "type": "cve",
    "title": "SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System appointments.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344851\nhttps://vuldb.com/?ctiid.344851\nhttps://vuldb.com/?submit.747920\nhttps://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Patients-Waiting-Area-Queue-Management-System-appointments-XSS.md",
    "id": "CVE-2026-2149",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "SourceCodester Patients Waiting Area Queue Management System 1.0\nPatrick Mvuma Patients Waiting Area Queue Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Patients Waiting Area Queue Management System",
    "version": "1.0",
    "vendor": "SourceCodester",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System appointments.php cross site scripting_CVE-2026-2149