CVE-2026-0700

Опубликовано: 08 янв. 2026

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability was determined in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /intern/admin/check_admin.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

Ссылки

https://code-projects.org/
Product
https://github.com/xkalami-Tta0/CVE/blob/main/Intern%20Membership%20Management%20System/Intern%20Membership%20Management%20System%20check_admin.php%20sql%20injection.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.339977
Permissions Required
VDB Entry
https://vuldb.com/?id.339977
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.733001
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:carmelo:intern_membership_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.0003

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

CWE-89

Связанные уязвимости

GHSA-322m-p87g-xcpj

CVSS3: 7.3

github

около 1 месяца назад

EPSS

Процентиль: 8%

0.0003

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

CWE-89