PT-2026-1971 · Code Projects · Intern Membership Management System
Xkalami
·
Published
2026-01-08
·
Updated
2026-01-09
·
CVE-2026-0697
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
code-projects Intern Membership Management System version 1.0
Description
A flaw exists in code-projects Intern Membership Management System version 1.0. The issue involves a SQL injection vulnerability within an unknown function of the
/intern/admin/edit admin.php file. Manipulation of the admin id argument can trigger this vulnerability, allowing for remote exploitation. The exploit has been published.Recommendations
Apply a fix to address the SQL injection vulnerability in the
/intern/admin/edit admin.php file, specifically related to the admin id argument.Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Intern Membership Management System