CVE-2026-7631

CVE Database · CVE-2026-7631

CVE-2026-7631

· MEDIUMDeferred

CVSS v3.1

5.4

CVSS v4.0

2.1

EPSS

0.22%

Published

May 2, 2026

Modified

May 5, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely. The exploit has been made public and could be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Weaknesses (CWE)

CWE-266CWE-285

References (5)

https://code-projects.org/

https://github.com/MyMySSS/CVE123/blob/main/cve2/cve2.md

https://vuldb.com/submit/806565

https://vuldb.com/vuln/360577

https://vuldb.com/vuln/360577/cti

KEV Catalog EPSS Scores Vendors All CVEs