CVE-2026-10299
Received Received - Intake
Online Hospital Management System 1.0 Resource Control Flaw

Publication date: 2026-06-01

Last updated on: 2026-06-01

Assigner: VulDB

Description
A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-01
Last Modified
2026-06-01
Generated
2026-06-02
AI Q&A
2026-06-02
EPSS Evaluated
N/A
NVD
CVE-2026-10299
EUVD
EUVD-2026-33832
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-99 The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Online Hospital Management System 1.0, specifically in the file viewdoctortimings.php. It involves improper control of resource identifiers due to manipulation of the argument 'delid'. This weakness can be exploited remotely, allowing an attacker to manipulate the system's behavior.


How can this vulnerability impact me? :

Exploiting this vulnerability could lead to improper control over certain resources within the system. According to the CVSS scores, it has a low to medium impact, potentially causing limited integrity and availability issues. An attacker with high privileges could remotely exploit this to disrupt system operations or alter data.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart