Sourcecodester Simple Doctors Appointment System vulnerabilities

CVE-2026-5181 [MEDIUM] CWE-284 CVE-2026-5181: A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This i A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctors_appointment/admin/ajax.php?action=save_category. Such manipulation of the argument img leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed to the

CVE-2026-5179 [MEDIUM] CWE-74 CVE-2026-5179: A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects a A vulnerability was detected in SourceCodester Simple Doctors Appointment System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.

CVE-2026-5180 [MEDIUM] CWE-74 CVE-2026-5180: A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability af A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.