CVE-2026-7632

HIGH CVSS 7.3 View on NVD ↗

Description

A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

https://code-projects.org/
https://github.com/Sh1tKing/cve/blob/main/CVE-2026-7632.md
https://github.com/Sh1tKing/cve/blob/main/time-blind-sql.md
https://vuldb.com/submit/806633
https://vuldb.com/vuln/360578
https://vuldb.com/vuln/360578/cti

Published: May 02, 2026 14:16 UTC Modified: May 02, 2026 20:15 UTC