CVE-2026-9356

HIGH

A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/manage_history.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

CVSS v3.1 Score

7.3
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
Published: 5/24/2026Modified: 5/26/2026

Related Intelligence (1)

HIGHVulnerability

NVD HIGH: CVE-2026-9356 — A vulnerability has been found in SourceCodester Hospitals Patient Records Manag...

A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/manage_history.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

CVE-2026-9356
NIST NVD

References (5)

https://github.com/yan-124/yan/issues/1https://vuldb.com/submit/813022https://vuldb.com/vuln/365319https://vuldb.com/vuln/365319/ctihttps://www.sourcecodester.com/