5.3
/ 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Description
A vulnerability has been found in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /insertbillingrecord.php. The manipulation of the argument patientid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Basic Information
ID
CVE-2026-13572
Source
VulDB
Published
Jun 29, 2026 at 13:45
Affected Product
Vendor
itsourcecode
Product
Hospital Management System
Version
1.0
Affected Versions
itsourcecode Hospital Management System 1.0