A vulnerability classified as critical has been found in itsourcecode Hospital Management System 1.0 . Affected by this vulnerability is an unknown functionality of the file /patientdetail.php . Performing a manipulation of the argument editid results in sql injection. This vulnerability was named CVE-2026-13578 . The attack may be initiated remotely. In addition, an exploit is available.