CVE-2026-5555

code-projects Concert Ticket Reservation System Parameter login.php sql injection

CVSS 6.9 MEDIUMEPSS 0.3%CWE-74 CWE-89

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Productos afectados

code-projects · Concert Ticket Reservation System

PoCs públicas encontradas — 1

cve_referencegithub.com/Wzl731/test/issues/5no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://code-projects.org/https://github.com/Wzl731/test/issues/5 https://vuldb.com/submit/782875 https://vuldb.com/vuln/355325 https://vuldb.com/vuln/355325/cti