CVE-2026-5198 | code-projects Student Membership System 1.0 Admin Login /admin/index.php username/password sql injection

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability marked as critical has been reported in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation of the argument username/password causes sql injection.

This vulnerability is registered as CVE-2026-5198. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-5198 | code-projects Student Membership System 1.0 Admin Login /admin/index.php username/password sql injection

Post correlati

CVE-2025-12586 | Conditional Maintenance Mode Plugin up to 1.0.0 on WordPress cross-site request forgery

CVE-2025-15572 | wasm3 up to 0.5.0 NewCodePage memory leak (Issue 550)

CVE-2026-3793 | SourceCodester Sales and Inventory System 1.0 GET Parameter sales_invoice1.php sellid sql injection

CVE-2024-26284 | Mozilla Focus 301/up to 122 on iOS 302 Redirect cross site scripting