CVE-2026-7632

CVE Database · CVE-2026-7632

CVE-2026-7632

· HIGHDeferred

CVSS v3.1

7.3

CVSS v4.0

5.5

EPSS

0.27%

Published

May 2, 2026

Modified

May 5, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Weaknesses (CWE)

CWE-74CWE-89

References (6)

https://code-projects.org/

https://github.com/Sh1tKing/cve/blob/main/CVE-2026-7632.md

https://github.com/Sh1tKing/cve/blob/main/time-blind-sql.md

https://vuldb.com/submit/806633

https://vuldb.com/vuln/360578

https://vuldb.com/vuln/360578/cti

KEV Catalog EPSS Scores Vendors All CVEs