High severity7.3NVD Advisory· Published May 31, 2026· Updated Jun 1, 2026
CVE-2026-10185
CVE-2026-10185
Description
A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 1.0
Patches
Vulnerability mechanics
References
6News mentions
2- SourceCodester: 17 Vulnerabilities Disclosed, Including SQLi and SSRF with Public ExploitsVypr Intelligence · Jun 2, 2026
- Code-Projects: Eight SQLi CVEs Across Five Apps Disclosed With Public ExploitsVypr Intelligence · Jun 1, 2026