CVE-2026-7631

MEDIUM

code-projects Online Hospital Management System Registration improper authorization

Title source: cna

Description

A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely. The exploit has been made public and could be used.

References (5)

Core 5

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-360577 | code-projects Online Hospital Management System Registration improper authorization

https://vuldb.com/vuln/360577

Signature, Permissions Required signature permissions-required

VDB-360577 | CTI Indicators (IOB, IOC, TTP, IOA)

https://vuldb.com/vuln/360577/cti

Third Party Advisory third-party-advisory

Submit #806565 | Code-projects Online Hospital Management System V1.0 unauthorized access

https://vuldb.com/submit/806565

Exploit exploit

https://github.com/MyMySSS/CVE123/blob/main/cve2/cve2.md

View Exploit ZIP pw:eip

Product product

https://code-projects.org/

Scores

CVSS v3 5.4

EPSS 0.0004

EPSS Percentile 12.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-266 CWE-285

Status published

Products (1)

code-projects/Online Hospital Management System 1.0

Published May 02, 2026

Tracked Since May 02, 2026