PT-2026-24919 · Itsourcecode+1 · Online Doctor Appointment System

18202818292

Publicado

2026-03-12

Atualizado

2026-03-16

CVE-2026-3980

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions itsourcecode Online Doctor Appointment System version 1.0

Description A security issue exists in itsourcecode Online Doctor Appointment System 1.0. The issue affects an unknown function within the /admin/patient action.php file. Manipulation of the patient id argument can lead to SQL injection. The attack can be initiated remotely, and the exploit has been publicly disclosed.

Recommendations versions prior to 1.0

Exploit

Correção

Special Elements Injection

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-74CWE-89

Identificadores relacionados

CVE-2026-3980

Produtos afetados

Online Doctor Appointment System

PT-2026-24919 · Itsourcecode+1 · Online Doctor Appointment System

CVE-2026-3980

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13