PT-2026-22613 · Sourcecodester · Personnel Property Equipment System

Zhang Qi

Publicado

2026-03-02

Atualizado

2026-03-06

CVE-2026-26701

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions sourcecodester Personnel Property Equipment System version 1.0

Description The software is susceptible to SQL Injection through the /ppes/admin/edit tecnical user.php endpoint. The vulnerability allows for potential unauthorized access or modification of data. The vulnerable parameter is not specified.

Recommendations Apply appropriate input validation and sanitization techniques to the /ppes/admin/edit tecnical user.php endpoint to prevent SQL Injection attacks.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2026-26701

Produtos afetados

Personnel Property Equipment System

PT-2026-22613 · Sourcecodester · Personnel Property Equipment System

CVE-2026-26701

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6