Code Projects · Online Hospital Management System · CVE-2026-10208
**Name of the Vulnerable Software and Affected Versions**
code-projects Online Hospital Management System 1.php (affected versions not specified)
**Description**
A flaw in the `login user()` function within the 'login 1.php' file allows for remote SQL injection. This occurs when the `Username` argument is manipulated, enabling an attacker to interfere with the database queries.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.