EIP-2026-105416
PRE-CVEBayanno Hospital Management System 4.0 - Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-105416. PoCs published by Gokhan Sagoglu.
AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Bayanno Hospital Management System 4.0, where malicious JavaScript can be injected via the appointment booking feature and executed when viewed in the admin panel.
Description
Bayanno Hospital Management System 4.0 - Cross-Site Scripting
Exploits (1)
exploitdb
WORKING POC
by Gokhan Sagoglu · textwebappsphp
https://www.exploit-db.com/exploits/45375
This exploit demonstrates a stored XSS vulnerability in Bayanno Hospital Management System 4.0, where malicious JavaScript can be injected via the appointment booking feature and executed when viewed in the admin panel.
Classification
Working Poc 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Bayanno Hospital Management System v4.0
No auth needed
Prerequisites:
Access to the appointment booking page · Admin panel access to trigger the payload
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026