CVE-2026-2199 | code-projects Online Reviewer System 1.0 user-delete.php ID sql injection

Inserito da Angelo Barbosa | Feb 7, 2026 | CVE

A vulnerability marked as critical has been reported in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection.

This vulnerability is identified as CVE-2026-2199. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-2199 | code-projects Online Reviewer System 1.0 user-delete.php ID sql injection

Post correlati

CVE-2023-52608 | Linux Kernel up to 5.15.148/6.1.75/6.6.14/6.7.2/6.8-rc1 arm_scmi race condition

CVE-2024-30965 | DedeCMS 5.7 member_scores.php cross-site request forgery

CVE-2025-0164 | IBM QRadar SIEM up to 7.5 UP13 IF01 Configuration File permission assignment

CVE-2016-20023 | CKSource CKFinder prior 2.5.0.1 on ASP.NET path traversal