A vulnerability was found in code-projects Online Hospital Management System 1.0 . It has been rated as critical . This issue affects some unknown processing of the file viewdoctortimings.php . This manipulation of the argument delid causes improper control of resource identifiers. This vulnerability is handled as CVE-2026-10299 . The attack can be initiated remotely. Additionally, an exploit exists.