PT-2026-7074 · Unknown · Code-Projects Online Reviewer System

Tiancesec

Publicado

2026-02-09

Atualizado

2026-02-09

CVE-2026-2221

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions code-projects Online Reviewer System version 1.0

Description A security flaw exists in code-projects Online Reviewer System 1.0, specifically within the Login component’s /login/index.php file. Manipulation of the Username argument can lead to SQL injection. The attack can be carried out remotely, and an exploit has been publicly released.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89CWE-74

Identificadores relacionados

CVE-2026-2221

Produtos afetados

Code-Projects Online Reviewer System

PT-2026-7074 · Unknown · Code-Projects Online Reviewer System

CVE-2026-2221

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9