Description
A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Problem types
Product status
Timeline
| 2026-07-03: | Advisory disclosed |
| 2026-07-03: | VulDB entry created |
| 2026-07-03: | VulDB entry last update |
Credits
SISUBENY (VulDB User)
References
vuldb.com/vuln/376136 (VDB-376136 | itsourcecode Hospital Management System medicine.php sql injection)
vuldb.com/vuln/376136/cti (VDB-376136 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/cve/CVE-2026-14619 (CVE-2026-14619 | CVE Analysis and Report)
vuldb.com/submit/844842 (Submit #844842 | itsourcecode Hospital Management System V1.0 SQL Injection)
github.com/ltranquility/cve_submit/issues/22
itsourcecode.com/