PT-2026-29221 · Code Projects · Student Membership System

Nomath

Publicado

2026-03-31

Atualizado

2026-03-31

CVE-2026-5198

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions code-projects Student Membership System version 1.0

Description A SQL injection issue exists in the Admin Login component of the software, specifically within the /admin/index.php file. Manipulation of the username and password arguments can trigger the injection. Remote exploitation is possible, and details of the issue have been publicly disclosed.

Recommendations Apply a fix for version 1.0 to address the SQL injection issue in the /admin/index.php file.

Exploit

Correção

SQL injection

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89CWE-74

Identificadores relacionados

CVE-2026-5198

Produtos afetados

Student Membership System

PT-2026-29221 · Code Projects · Student Membership System

CVE-2026-5198

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8