Is CVE-2026-13497 being exploited?

No public exploit is currently tracked.

How severe is CVE-2026-13497?

CVE-2026-13497 has a CVSS v3 severity of MEDIUM (6.3).

Back

CVE-2026-13497

Description

A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.