CVE-2026-1550

Medium CVSS: 5.3

A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.

Vendor

Phpgurukul

Product

Hospital Management System

CWE

CWE-266

Yayın Tarihi

2026-01-28 23:15:51

Güncelleme

2026-02-09 15:42:50

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Hospital Management System MEDIUM Phpgurukul 2026

Referanslar

https://github.com/rsecroot/Hospital-Management-System/blob/main/Broken%20Access%20Control.md https://phpgurukul.com/ https://vuldb.com/?ctiid.343246 https://vuldb.com/?id.343246 https://vuldb.com/?submit.739837

Benzer Kayıtlar

Medium

CVE-2024-51226

A stored cross-site scripting (XSS) vulnerability in the component /admin/search-vehicle.php of Phpgurukul Vehicle Recor…

Medium

CVE-2024-51225

A stored cross-site scripting (XSS) vulnerability in the component /admin/add-brand.php of Phpgurukul Vehicle Record Man…

Medium

CVE-2024-51224

Multiple cross-site scripting (XSS) vulnerabilities in the component /admin/edit-vehicle.php of Phpgurukul Vehicle Recor…

Medium

CVE-2024-51223

A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Manag…

Medium

CVE-2024-51222

A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Manag…

Medium

CVE-2026-3403

A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown process…