SourceCodester Online Library Management System SQL Injection Vulnerability (CVE-2026-4624)
A remotely exploitable SQL injection vulnerability (CVE-2026-4624) exists in SourceCodester Online Library Management System 1.0. Manipulating the 'searchField' parameter in the /home.php file potentially allows attackers to execute arbitrary SQL commands.
A SQL injection vulnerability, identified as CVE-2026-4624, affects SourceCodester Online Library Management System version 1.0. The vulnerability resides within the /home.php file, specifically in the parameter handler component. By manipulating the searchField argument, an attacker can inject malicious SQL code. The attack is remotely exploitable, meaning that an attacker does not need local access to the server. Given the public availability of the exploit, organizations using the…
Detection coverage 2
Detect SQL Injection Attempt via searchField Parameter
high: Detects potential SQL injection attempts by identifying suspicious characters and SQL keywords within the searchField parameter in requests to /home.php.
Detect Suspicious GET Request to home.php
medium: Detects GET requests to home.php, which is known to be vulnerable.
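
One way to express the two detections listed above as log-analysis code. This is an added example, not the platform's rules or the vendor's code; it assumes searchField arrives in the URL query string of a combined-format access log, and the indicator regex and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format, documentation IPs); not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2026:10:00:00 +0000] "GET /home.php?searchField=dune HTTP/1.1" 200 512
203.0.113.9 - - [01/Jan/2026:10:00:05 +0000] "GET /home.php?searchField=x%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9120
203.0.113.9 - - [01/Jan/2026:10:00:09 +0000] "GET /lms/home.php?searchField=a+UNION+SELECT+1 HTTP/1.1" 500 0
198.51.100.7 - - [01/Jan/2026:10:01:00 +0000] "GET /index.php?searchField=%27 HTTP/1.1" 200 100
198.51.100.8 - - [01/Jan/2026:10:02:00 +0000] "POST /home.php HTTP/1.1" 200 300
"""

REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Assumed indicator set: quote, comment and terminator characters plus common SQL keywords.
# A lone apostrophe in a legitimate search (a surname, say) also matches; tune per site.
SQLI = re.compile(
    r"""['";]|--|#|/\*|\b(?:union|select|insert|update|delete|drop|sleep|benchmark)\b""",
    re.IGNORECASE,
)


def classify(line):
    """Return 'high', 'medium' or None for one access-log line."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not url.path.endswith("/home.php"):
        return None
    # parse_qs percent-decodes values, so encoded quotes and spaces are seen in the clear.
    values = parse_qs(url.query, keep_blank_values=True).get("searchField", [])
    if any(SQLI.search(v) for v in values):
        return "high"  # first rule: suspicious content in searchField
    return "medium" if m.group("method") == "GET" else None  # second rule: GET to home.php


def scan(log_text):
    """Return (severity, client_ip, target) for every line that triggers a rule."""
    hits = []
    for line in log_text.splitlines():
        sev = classify(line)
        if sev:
            hits.append((sev, line.split()[0], REQUEST.search(line).group("target")))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

Request bodies are not recorded in an access log, so a searchField value sent by POST is invisible to this check and needs a WAF or application-level log source instead.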