CVE-2026-11514 PUBLISHED

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

• Aki123 (VulDB User) reporter

• VDB-369134 | itsourcecode Hospital Management System addpatient.php sql injection
• VDB-369134 | CTI Indicators (IOB, IOC, TTP, IOA)
• CVE-2026-11514 | CVE Analysis and Report
• Submit #836163 | itsourcecode Hospital Management System V1.0 SQL Injection
• https://github.com/ltranquility/vuln_submit/issues/15
• https://itsourcecode.com/

• SQL Injection CWE
• Injection CWE