CVE-2026-5960

CWE-200Information ExposureCWE-284Improper Access Control3 documents3 sources
Severity
2.1LOW
EPSS
0.0%
top 90.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Code-projects Patient Record Management System
Timeline
PublishedApr 9

Description

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
code-projects Patient Record Management System SQL Database Backup File hcpms.sql information disclosure2026-04-09
GHSA
GHSA-48cj-9hxc-pmg3: A weakness has been identified in code-projects Patient Record Management System 12026-04-09
CVE-2026-5960 (LOW CVSS 2.1) | A weakness has been identified in c | cvebase.io