CVE-2026-0698

Опубликовано: 08 янв. 2026

Источник: nvd

CVSS3: 4.7

CVSS3: 7.2

CVSS2: 5.8

EPSS Низкий

Описание

A vulnerability has been found in code-projects Intern Membership Management System 1.0. This affects an unknown function of the file /intern/admin/edit_students.php. Such manipulation of the argument admin_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://code-projects.org/
Product
https://github.com/xkalami-Tta0/CVE/blob/main/Intern%20Membership%20Management%20System/Intern%20Membership%20Management%20System%20students_details.php%20sql%20injection.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.339975
Permissions Required
VDB Entry
https://vuldb.com/?id.339975
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.732999
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:carmelo:intern_membership_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00027

Низкий

4.7 Medium

CVSS3

7.2 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-jf4p-rj3h-xwmf

CVSS3: 4.7

github

около 1 месяца назад

EPSS

Процентиль: 7%

0.00027

Низкий

4.7 Medium

CVSS3

7.2 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-74