Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

A SQL injection vulnerability (CVE-2026-9356, CVSS 7.3) has been identified in SourceCodester Hospitals Patient Records Management System 1.0, affecting the patient history management interface. An unauthenticated remote attacker can manipulate the ‘ID’ parameter to extract, modify, or delete patient records from the underlying database. A public proof-of-concept exploit is available, meaning exploitation requires minimal technical skill and no prior access.

Author

Tech Jacks Solutions