PT-2026-27636 · Code Projects · Simple Laundry System
Tnn2026
·
Published
2026-03-25
·
Updated
2026-04-04
·
CVE-2026-4784
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
code-projects Simple Laundry System version 1.0
Description
A SQL injection issue exists in the Parameter Handler component of the software due to the manipulation of the
serviceId argument. This affects the /checkcheckout.php file and can be exploited remotely. The exploit has been publicly released.Recommendations
Apply any available updates to address the vulnerability in the
/checkcheckout.php file.
As a temporary workaround, restrict or carefully validate the serviceId parameter to prevent SQL injection attacks.Exploit
Fix
SQL injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Simple Laundry System