Vulnerabilities ›

CVE-2026-5180

High

CWE-74 — Weakness Type

                    Published: Mar 31, 2026                      ·  Modified: Apr 7, 2026                      ·  Source: NVD                

CVSS v3

7.3

🔗 NVD Official

📄 Description (English)

A flaw has been found in SourceCodester Simple Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=login2. This manipulation of the argument email causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.

🤖 AI Executive Summary

CVE-2026-5180 is a critical SQL injection vulnerability in SourceCodester Simple Doctors Appointment System 1.0 affecting the admin login functionality. The flaw allows remote attackers to manipulate the email parameter in /admin/ajax.php to execute arbitrary SQL queries, potentially leading to unauthorized access, data theft, and system compromise. With a CVSS score of 7.3 and no patch currently available, this poses an immediate threat to healthcare organizations using this system.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 7, 2026 01:55

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability poses significant risk to Saudi healthcare sector organizations using this appointment system, including private clinics, hospitals, and healthcare providers. The SQL injection in the admin login mechanism could allow attackers to bypass authentication, access sensitive patient data (PHI), modify medical records, or establish persistent backdoors. Government health entities under MOH oversight and ARAMCO healthcare facilities are particularly at risk. The vulnerability also affects any government or private sector organizations using this system for appointment management. Potential impact includes HIPAA-equivalent violations under Saudi healthcare regulations and compromise of critical healthcare infrastructure.

🏢 Affected Saudi Sectors

Healthcare Government Health Services Private Clinics and Hospitals Telehealth Providers Corporate Healthcare Facilities Government Agencies using appointment systems Educational Institutions with healthcare services

🎯 MITRE ATT&CK Techniques

T1190 - Exploit Public-Facing Application T1566 - Phishing (if used for credential harvesting) T1078 - Valid Accounts (post-exploitation) T1005 - Data from Local System (data exfiltration) T1136 - Create Account (privilege escalation) T1098 - Account Manipulation T1040 - Network Sniffing (credential capture)

⚖️ Saudi Risk Score (AI)

8.2

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Disable or restrict access to /admin/ajax.php endpoint immediately, especially the login2 action

2. Implement Web Application Firewall (WAF) rules to block SQL injection patterns in email parameter

3. Conduct urgent audit of admin access logs for suspicious login attempts or SQL injection payloads

4. Force password reset for all admin accounts and implement multi-factor authentication

5. Isolate affected systems from production environment if possible

PATCHING GUIDANCE:

1. Contact SourceCodester for security patch availability or consider alternative appointment systems

2. If patch becomes available, apply immediately after testing in non-production environment

3. Implement input validation: whitelist email format validation, use parameterized queries

COMPENSATING CONTROLS (until patch available):

1. Implement strict input validation on email parameter - reject non-standard email formats

2. Use Web Application Firewall with SQL injection detection rules

3. Implement database query logging and monitoring for suspicious SQL patterns

4. Restrict admin panel access to specific IP ranges/VPN only

5. Implement rate limiting on login attempts

6. Deploy IDS/IPS signatures for SQL injection detection

DETECTION RULES:

1. Monitor for SQL keywords in email parameter: UNION, SELECT, DROP, INSERT, UPDATE, DELETE, OR, AND

2. Alert on multiple failed login attempts followed by successful access

3. Monitor database error messages in application logs

4. Track unusual database queries from application user accounts

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. تعطيل أو تقييد الوصول إلى نقطة نهاية /admin/ajax.php فوراً، خاصة إجراء login2

2. تنفيذ قواعد جدار حماية تطبيقات الويب (WAF) لحجب أنماط حقن SQL في معامل البريد الإلكتروني

3. إجراء تدقيق عاجل لسجلات الوصول للمسؤولين بحثاً عن محاولات تسجيل دخول مريبة أو حمولات حقن SQL

4. فرض إعادة تعيين كلمة المرور لجميع حسابات المسؤولين وتنفيذ المصادقة متعددة العوامل

5. عزل الأنظمة المتأثرة عن بيئة الإنتاج إن أمكن

إرشادات التصحيح:

1. التواصل مع SourceCodester للحصول على تصحيح أمني أو النظر في أنظمة تعيين بديلة

2. إذا أصبح التصحيح متاحاً، قم بتطبيقه فوراً بعد الاختبار في بيئة غير الإنتاج

3. تنفيذ التحقق من صحة الإدخال: التحقق من صيغة البريد الإلكتروني، استخدام الاستعلامات المعاملة

الضوابط التعويضية (حتى توفر التصحيح):

1. تنفيذ التحقق الصارم من صحة معامل البريد الإلكتروني - رفض صيغ البريد الإلكتروني غير القياسية

2. استخدام جدار حماية تطبيقات الويب مع قواعد كشف حقن SQL

3. تنفيذ تسجيل مراقبة استعلامات قاعدة البيانات للأنماط المريبة

4. تقييد الوصول إلى لوحة المسؤول على نطاقات IP محددة/VPN فقط

5. تنفيذ تحديد معدل محاولات تسجيل الدخول

6. نشر توقيعات IDS/IPS لكشف حقن SQL

قواعد الكشف:

1. مراقبة كلمات مفاتيح SQL في معامل البريد الإلكتروني: UNION, SELECT, DROP, INSERT, UPDATE, DELETE, OR, AND

2. التنبيه على محاولات تسجيل دخول متعددة فاشلة متبوعة بوصول ناجح

3. مراقبة رسائل خطأ قاعدة البيانات في سجلات التطبيق

4. تتبع استعلامات قاعدة البيانات غير العادية من حسابات مستخدمي التطبيق

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.14.2.1 - Secure development policy and procedures ECC 2024 A.14.2.5 - Secure coding practices and input validation ECC 2024 A.14.2.6 - Security testing and vulnerability management ECC 2024 A.13.1.1 - Network security controls and access restrictions

🔵 SAMA CSF

SAMA CSF ID.BE-1 - Business Environment and Risk Management SAMA CSF PR.AC-1 - Access Control and Authentication SAMA CSF PR.DS-6 - Data Protection and Integrity SAMA CSF DE.CM-1 - Detection and Monitoring

🟡 ISO 27001:2022

ISO 27001:2022 A.5.15 - Access Control ISO 27001:2022 A.8.22 - Information Security for Development and Support Processes ISO 27001:2022 A.8.23 - Information Security Testing ISO 27001:2022 A.12.6.1 - Management of Technical Vulnerabilities

🟣 PCI DSS v4.0.1

PCI DSS 6.5.1 - Injection flaws prevention PCI DSS 6.2 - Security patches and updates PCI DSS 8.2.3 - Strong authentication mechanisms

🔗 References & Sources 5

🔗

http://github.com/dyh1213-wq/cve/issues/4

cna@vuldb.com

🔗

https://vuldb.com/submit/780354

cna@vuldb.com

🔗

https://vuldb.com/vuln/354248

cna@vuldb.com

🔗

https://vuldb.com/vuln/354248/cti

cna@vuldb.com

🔗

https://www.sourcecodester.com/

cna@vuldb.com

📊 CVSS Score

7.3

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityL — Low / Local

📋 Quick Facts

Severity High

CVSS Score7.3

CWECWE-74

EPSS0.03%

Exploit No

Patch ✗ No

Published 2026-03-31

Source Feed nvd

🇸🇦 Saudi Risk Score

8.2

/ 10.0 — Saudi Risk

Priority: CRITICAL

🏷️ Tags

CWE-74

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-5180

💬 Comments

Introduce Yourself

Sign In Required