PT-2026-24919 · Itsourcecode+1 · Online Doctor Appointment System
18202818292
·
Published
2026-03-12
·
Updated
2026-03-16
·
CVE-2026-3980
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
itsourcecode Online Doctor Appointment System version 1.0
Description
A security issue exists in itsourcecode Online Doctor Appointment System 1.0. The issue affects an unknown function within the
/admin/patient action.php file. Manipulation of the patient id argument can lead to SQL injection. The attack can be initiated remotely, and the exploit has been publicly disclosed.Recommendations
versions prior to 1.0
Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Online Doctor Appointment System