Skip to main content

Hospital Bed Management System

1 CVEs product

Monthly

CVE-2026-16014 MEDIUM POC This Month

SQL injection in the Login Form of code-projects Hospital Bed Management System 1.0 exposes unauthenticated remote attackers to database manipulation via the Username parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms trivial, unauthenticated network exploitation with no user interaction, and the E:P modifier reflects a publicly available proof-of-concept on Gitee. While not listed in CISA KEV, the low barrier to exploitation combined with a public POC elevates practical urgency for any organization running this software, despite the product's niche footprint.

SQLi Hospital Bed Management System
NVD VulDB
CVSS 4.0
5.5
CVSS 5.5
MEDIUM POC This Month

SQL injection in the Login Form of code-projects Hospital Bed Management System 1.0 exposes unauthenticated remote attackers to database manipulation via the Username parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms trivial, unauthenticated network exploitation with no user interaction, and the E:P modifier reflects a publicly available proof-of-concept on Gitee. While not listed in CISA KEV, the low barrier to exploitation combined with a public POC elevates practical urgency for any organization running this software, despite the product's niche footprint.

SQLi Hospital Bed Management System
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy