A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.
History

Tue, 07 Jul 2026 03:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 04 Jul 2026 07:30:00 +0000

Type Values Removed Values Added
Description A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Title itsourcecode Hospital Management System medicine.php sql injection
First Time appeared Itsourcecode
Itsourcecode hospital Management System
Weaknesses CWE-74
CWE-89
CPEs cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*
Vendors & Products Itsourcecode
Itsourcecode hospital Management System
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-07-04T06:30:07.999Z

Updated: 2026-07-07T02:28:36.540Z

Reserved: 2026-07-03T16:46:53.251Z

Link: CVE-2026-14619

cve-icon Vulnrichment

Updated: 2026-07-07T02:28:31.833Z

cve-icon NVD

No data.

cve-icon Redhat

No data.