CVE-2026-11513
MediumCVSS 6.3Summary
A vulnerability was detected in itsourcecode Hospital Management System 1.0, affecting an unknown function of the file /adminaccount.php. Manipulation of the argument Date results in SQL injection.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a serious threat to the integrity of the database and the confidentiality of information.
Recommendation
It is recommended to immediately update the system to the latest version and implement appropriate protections against SQL injection.
Original NVD description (English source)
A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be used.

