CVE-2026-11514

LOW2.1/ 10.0
Share:
Published: June 8, 2026 at 01:16 PM
Modified: June 17, 2026 at 10:14 AM
Source: cna@vuldb.com

Vulnerability Description

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

CVSS Metrics

Base Score
2.1
Severity
LOW
Vector String
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Weaknesses (CWE)

Source: cna@vuldb.com