code-projects Online Hospital Management System viewdoctortimings.php resource injection_CVE-2026-10299

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

Basic Information

ID CVE-2026-10299

Source VulDB

Published Jun 1, 2026 at 22:45

Affected Product

Vendor code-projects

Product Online Hospital Management System

Version 1.0

Affected Versions code-projects Online Hospital Management System 1.0

CWE Classification

CWE-99

References

{
    "lastseen": "",
    "description": "A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.",
    "published": "2026-06-01T22:45:09.036Z",
    "modified": "2026-06-01T22:45:09.036Z",
    "type": "cve",
    "title": "code-projects Online Hospital Management System viewdoctortimings.php resource injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367592\nhttps://vuldb.com/vuln/367592/cti\nhttps://vuldb.com/cve/CVE-2026-10299\nhttps://vuldb.com/submit/827505\nhttps://github.com/Carm3nc1ta/vuln-test/blob/main/Online%20Hospital%20Management%20System%20has%20IDOR%20vulnerability%20in%20viewdoctortimings_php.md\nhttps://code-projects.org/",
    "id": "CVE-2026-10299",
    "bulletinFamily": "",
    "cwe": [
        "CWE-99"
    ],
    "cvelist": null,
    "sourceData": "code-projects Online Hospital Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Hospital Management System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}