← volver
CVE-2026-6000

code-projects Online Library Management System SQL Database Backup File library.sql information disclosure

CVSS 5.3 MEDIUMEPSS 0.3%CWE-200CWE-284
A vulnerability was found in code-projects Online Library Management System 1.0. Affected is an unknown function of the file /sql/library.sql of the component SQL Database Backup File Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been made public and could be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Productos afectados
code-projects · Online Library Management System
PoCs públicas encontradas1
cve_referencegithub.com/ahmadmarz10-hub/CVEsMarz/blob/main/Sensitive%20Information%20Disclosure%20in%20Online%20Library%20Management%20System%20PHP%20Exposed%20Database%20Backup.mdno verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://code-projects.org/https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/Sensitive%20Information%20Disclosure%20in%20Online%20Library%20Management%20System%20PHP%20Exposed%20Database%20Backup.mdhttps://vuldb.com/submit/793895https://vuldb.com/vuln/356554https://vuldb.com/vuln/356554/cti