VYPR

Hospitals Patient Records Management System

by Sourcecodester

CVEs (9)

  • CVE-2026-11501HigJun 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=save_patient. The manipulation of the argument ID results in sql injection. It is possible to…

  • CVE-2026-10185HigMay 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The…

  • CVE-2026-10184HigMay 31, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The…

  • CVE-2026-9356HigMay 24, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/manage_history.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from…

  • CVE-2026-9355HigMay 24, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /classes/Master.php?f=save_patient_history. This manipulation of the argument ID causes sql injection. The attack is possible to be…

  • CVE-2026-9342MedMay 23, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. Impacted is an unknown function of the file /admin/patients/view_history.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely.…

  • CVE-2022-22296MedJan 24, 2022
    risk 0.35cvss 5.3epss 0.01

    Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed.

  • CVE-2026-11468LowJun 8, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was detected in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /admin/?page=room_types. Performing a manipulation of the argument room results in cross site scripting. The attack is possible…

  • CVE-2026-9564LowMay 26, 2026
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/view_patient. Performing a manipulation of the argument Remarks results in cross site scripting.…