CVE-2026-6602 - Vulnerability Details

- rickxy Hospital Management System his_admin_account.php unrestricted upload

Description

A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation of the argument ad_dpic results in unrestricted upload. The attack can be executed remotely. The exploit has been made public and could be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable.

Published: 2026-04-20

Score: 6.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An attacker can exploit the his_admin_account.php file in rickxy Hospital Management System by sending a crafted request to the ad_dpic argument, allowing the upload of any file type without restriction. This deficiency permits a malicious user to place executable code on the server, resulting in remote code execution. The flaw combines an input validation weakness (unrestricted upload, CWE‑434) with inadequate access controls (CWE‑284), making it possible to compromise the application even from a remote location.

Affected Systems

The vulnerability exists in all instances of rickxy Hospital Management System registered as up to the commit 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Because the product follows a rolling release distribution model, specific safe version numbers after remediation are not published, so any current release should be considered potentially vulnerable until an official fix is announced.

Risk and Exploitability

The CVSS score of 6.9 indicates a moderate severity vulnerability. EPSS is not available and the issue is not yet listed in CISA’s KEV catalog, but a public exploit demonstrates that remote execution is achievable. The attack vector is remote via the web interface, and the potential impact includes full compromise of the application’s confidentiality, integrity, and availability.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

rickxy

Hospital Management System

affected

Version	Status	Constraints
`88a4290d957dc5bdde8a56e5ad451ad14f7f90f4`	affected	—

No data.

Vendor Product Confidence Versions

Rickxy

Hospital Management System

95%

Version	Status	Scheme	Platform
`88a4290d957dc5bdde8a56e5ad451ad14f7f90f4`	affected	code_commit	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest patch or upgrade to a newer release that includes the fixed commit.
If no patch is currently available, limit uploads to approved file types and enforce strict MIME type validation to block executable files.
Ensure that the admin interface is protected by robust authentication and session management so that only authorized administrators can upload files.

Generated by OpenCVE AI on April 20, 2026 at 05:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00038.

Exploitation poc

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/freeloader9527/cve/issues/2
https://vuldb.com/submit/792092
https://vuldb.com/vuln/358237
https://vuldb.com/vuln/358237/cti

History

Mon, 20 Apr 2026 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 20 Apr 2026 04:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation of the argument ad_dpic results in unrestricted upload. The attack can be executed remotely. The exploit has been made public and could be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable.
Title		rickxy Hospital Management System his_admin_account.php unrestricted upload
First Time appeared		Rickxy Rickxy hospital Management System
Weaknesses		CWE-284 CWE-434
CPEs		cpe:2.3:a:rickxy:hospital_management_system::::::::
Vendors & Products		Rickxy Rickxy hospital Management System
References		https://github.com/freeloader9527/cve/issues/2 https://vuldb.com/submit/792092 https://vuldb.com/vuln/358237 https://vuldb.com/vuln/358237/cti
Metrics		cvssV2_0 `{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Rickxy Hospital Management System

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-04-20T03:45:12.100Z

Updated: 2026-04-20T11:38:41.514Z

Reserved: 2026-04-19T14:04:09.310Z

Link: CVE-2026-6602

Vulnrichment

Updated: 2026-04-20T11:38:35.727Z

NVD

Status : Received

Published: 2026-04-20T04:16:58.933

Modified: 2026-04-20T04:16:58.933

Link: CVE-2026-6602

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T05:30:44Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object