CVE-2026-4617 PUBLISHED

A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is the function ValidateToken of the file /php/api_patient_checkin.php of the component Patient Check-In Module. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

• Abhiram T (VulDB User) reporter

• VDB-352481 | SourceCodester Patients Waiting Area Queue Management System Patient Check-In api_patient_checkin.php ValidateToken improper authorization
• VDB-352481 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #775747 | SourceCodester Patients Waiting Area Queue Management System 1.0 Improper Access Controls
• https://gist.github.com/HxH404/0ab53ccba44456b5400a5908414f5ab1
• https://www.sourcecodester.com/

• Improper Authorization CWE
• Incorrect Privilege Assignment CWE