Code-Projects Patient Record Management System vulnerabilities

CVE-2026-6006 [MEDIUM] CWE-74 CVE-2026-6006: A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted e A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2026-6005 [MEDIUM] CWE-74 CVE-2026-6005: A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument hem_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.

CVE-2026-5960 [LOW] CWE-200 CVE-2026-5960: A weakness has been identified in code-projects Patient Record Management System 1.0. This affects a A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The exploit has been made available to the public and could be use

CVE-2026-2706 [MEDIUM] CWE-74 CVE-2026-2706: A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysis_not.php. This manipulation of the argument comp_id causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.

CVE-2025-7754 [MEDIUM] CWE-74 CVE-2025-7754: A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declare A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /xray_form.php. The manipulation of the argument itr_no leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5857 [MEDIUM] CWE-74 CVE-2025-5857: A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as cr A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipulation of the argument itr_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5780 [MEDIUM] CWE-74 CVE-2025-5780: A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as cr A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view_dental.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5762 [MEDIUM] CWE-74 CVE-2025-5762: A vulnerability, which was classified as critical, was found in code-projects Patient Record Managem A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file view_hematology.php. The manipulation of the argument itr_no leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-5779 [MEDIUM] CWE-74 CVE-2025-5779: A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /birthing.php. The manipulation of the argument itr_no/comp_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public an

CVE-2025-5627 [MEDIUM] CWE-74 CVE-2025-5627: A vulnerability classified as critical was found in code-projects Patient Record Management System 1 A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /sputum_form.php. The manipulation of the argument itr_no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used

CVE-2025-5674 [MEDIUM] CWE-74 CVE-2025-5674: A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as cr A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file urinalysis_form.php. The manipulation of the argument urinalysis_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may

CVE-2025-4459 [MEDIUM] CWE-74 CVE-2025-4459: A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated a A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file fecalysis_form.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be

CVE-2025-4458 [MEDIUM] CWE-74 CVE-2025-4458: A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declare A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_upatient.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and ma

CVE-2025-4197 [MEDIUM] CWE-74 CVE-2025-4197: A vulnerability classified as critical has been found in code-projects Patient Record Management Sys A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file /edit_xpatient.php. The manipulation of the argument lastname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other p

CVE-2025-4021 [MEDIUM] CWE-74 CVE-2025-4021: A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classif A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit_spatient.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-3955 [MEDIUM] CWE-74 CVE-2025-3955: A vulnerability, which was classified as critical, was found in codeprojects Patient Record Manageme A vulnerability, which was classified as critical, was found in codeprojects Patient Record Management System 1.0. This affects an unknown part of the file /edit_rpatient.php.php. The manipulation of the argument id/lastname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be u

CVE-2025-3685 [MEDIUM] CWE-74 CVE-2025-3685: A vulnerability classified as critical has been found in code-projects Patient Record Management Sys A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file /edit_fpatient.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-3348 [MEDIUM] CWE-74 CVE-2025-3348: A vulnerability classified as critical was found in code-projects Patient Record Management System 1 A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. This vulnerability affects unknown code of the file /edit_dpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-3347 [MEDIUM] CWE-74 CVE-2025-3347: A vulnerability classified as critical has been found in code-projects Patient Record Management Sys A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /dental_pending.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-3303 [MEDIUM] CWE-74 CVE-2025-3303: A vulnerability, which was classified as critical, has been found in code-projects Patient Record Ma A vulnerability, which was classified as critical, has been found in code-projects Patient Record Management System 1.0. Affected by this issue is some unknown functionality of the file /birthing_record.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public