CVE-2026-7118 | code-projects Employee Management System 1.0 370project/cancel.php id/token sql injection

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection.

This vulnerability is uniquely identified as CVE-2026-7118. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-7118 | code-projects Employee Management System 1.0 370project/cancel.php id/token sql injection

Post correlati

CVE-2024-8922 | Product Enquiry for WooCommerce Plugin up to 2.2.33.33 on WordPress enquiry_detail.php injection

CVE-2024-43240 | azzaroco Ultimate Membership Pro Plugin up to 12.6 on WordPress privileges management

CVE-2017-20210 | QNAP Photo Station up to 5.2.6/5.4.0 XMR Mining privilege escalation

CVE-2026-35170 | trabucayre openFPGALoader up to 1.1.1 bit File Parser BitParser::parseHeader out-of-bounds