5.3
/ 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Description
A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This manipulation of the argument editid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Basic Information
ID
CVE-2026-13520
Source
VulDB
Published
Jun 29, 2026 at 00:45
Affected Product
Vendor
itsourcecode
Product
Hospital Management System
Version
1.0
Affected Versions
itsourcecode Hospital Management System 1.0