CVE-2026-1148

MEDIUM WAF: Low

CVSS 6.5 Published: 2026-01-19

CWE-352 CWE-862

A vulnerability was determined in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This vulnerability affects unknown code. Executing a manipulation can lead to cross-site request forgery. It is possible to launch the attack remotely.

WAF Coverage Analysis

Cross-Site Request Forgery (CSRF) Low WAF Coverage

OWASP: A01:2021 Broken Access Control

Missing Authorization Low WAF Coverage

OWASP: A01:2021 Broken Access Control

Affected Software

Vendor	Product	Version
pamzey	patients_waiting_area_queue_management_system	1.0

References

vuldb.com (Permissions Required, VDB Entry)
vuldb.com (Third Party Advisory, VDB Entry)
vuldb.com (Third Party Advisory, VDB Entry)

Back to CVE Database