CVE-2026-11514

Description

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

References

• https://github.com/ltranquility/vuln_submit/issues/15
• https://itsourcecode.com/
• https://vuldb.com/cve/CVE-2026-11514
• https://vuldb.com/submit/836163
• https://vuldb.com/vuln/369134