CVE-2026-7072 | CodePanda Source canteen_management_system 1.0 /api/login.php Username sql injection

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability classified as critical was found in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection.

This vulnerability is identified as CVE-2026-7072. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-7072 | CodePanda Source canteen_management_system 1.0 /api/login.php Username sql injection

Post correlati

CVE-2024-49408 | Samsung Mobile Devices out-of-bounds write

CVE-2024-41684 | SyroTech SY-GPON-1110-WDONT 3.1.02-231102 Web Management Interface missing secure attribute (CIVN-2024-0225)

CVE-2024-7258 | WooCommerce Google Feed Manager Plugin up to 2.8.0 on WordPress authorization

CVE-2024-11874 | Grid Accordion Lite Plugin up to 1.5.1 on WordPress cross site scripting