Cross-Site Request Forgery Vulnerability in SourceCodester's Patients Waiting Area Queue Management System
CVE-2026-1148

5.3MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Patients Waiting Area Queue Management System
Vendor
CVE Published:
19 January 2026

What is CVE-2026-1148?

A vulnerability has been identified in the Patients Waiting Area Queue Management System developed by SourceCodester. Attackers can exploit this vulnerability through cross-site request forgery techniques, allowing unauthorized commands to be executed on behalf of an authenticated user. This can potentially lead to data manipulation or unauthorized actions, making it essential for users to be aware of their system's security and implement necessary measures to mitigate such risks.

Affected Version(s)

Patients Waiting Area Queue Management System 1.0

Patients Waiting Area Queue Management System 1.0

References

https://vuldb.com/?id.341741
vdb-entry
https://vuldb.com/?ctiid.341741
signaturepermissions-required
https://vuldb.com/?submit.735545
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

bobsux (VulDB User)
JSON
.