A vulnerability was found in SourceCodester Patient Appointment Scheduler System 1.0 and classified as critical . This affects an unknown part of the file /scheduler/admin/appointments/view_details.php . Such manipulation leads to sql injection. This vulnerability is documented as CVE-2026-37600 . The attack can be executed remotely. There is not any exploit available.