CVE-2026-13497 | itsourcecode Hospital Management System 1.0 /appointment.php editid sql injection (EUVD-2026-39995)
A vulnerability was found in itsourcecode Hospital Management System 1.0. It has been classified as critical. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection.
This vulnerability is handled as CVE-2026-13497. The attack can be initiated remotely. Additionally, an exploit exists.