CVE-2026-3724 PUBLISHED

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unknown function of the file /checkin.php. This manipulation of the argument patient_id causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

• Hiran (VulDB User) reporter

• VDB-349700 | SourceCodester Patients Waiting Area Queue Management System checkin.php improper authorization
• VDB-349700 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #766389 | SourceCodester Web-based-Pharmacy-Product-Management-System 1.0 Business Logic Errors
• https://github.com/hiranerakkot/Patients-Waiting-Area-Queue-Management-System/blob/main/README.md
• https://www.sourcecodester.com/

• Improper Authorization CWE
• Incorrect Privilege Assignment CWE