code-projects Accounting System 1.0 SQL Injection Vulnerability (CVE-2026-5034)
A remote SQL injection vulnerability exists in code-projects Accounting System 1.0 via manipulation of the 'cos_id' parameter in '/edit_costumer.php', potentially allowing unauthorized database access.
A SQL injection vulnerability, identified as CVE-2026-5034, has been discovered in code-projects Accounting System version 1.0. The vulnerability resides in the /edit_costumer.php file within the Parameter Handler component. Attackers can remotely exploit this vulnerability by manipulating the cos_id argument. Publicly available exploit code exists, increasing the risk of widespread exploitation. This vulnerability allows unauthenticated remote attackers to potentially execute arbitrary SQL…
Detection coverage 2
Detect SQL Injection Attempts in code-projects Accounting System
highDetects potential SQL injection attacks targeting the cos_id parameter in /edit_costumer.php
Detect code-projects Accounting System /edit_costumer.php Access
infoDetects access to the /edit_costumer.php page, which should be monitored for suspicious activity.
Detection queries are kept inside the platform. Get full rules →