high advisory

SQL Injection Vulnerability in Student Membership System 1.0

CVE-2026-5198 is a SQL injection vulnerability in the Admin Login component of code-projects Student Membership System 1.0. It affects the /admin/index.php file and can be exploited remotely by manipulating the username and password parameters.

A SQL injection vulnerability, identified as CVE-2026-5198, exists within the code-projects Student Membership System version 1.0. Specifically, the vulnerability lies within the Admin Login component’s /admin/index.php file. Attackers can remotely exploit this vulnerability by manipulating the username and password parameters, leading to arbitrary SQL command execution. Public exploit code is available, increasing the risk of widespread exploitation. This vulnerability poses a…

Detection coverage 2

Detect Suspicious Login Attempts with SQL Injection Patterns

high

Detects suspicious login attempts to /admin/index.php with potential SQL injection payloads in username or password fields.

sigma; tactics: initial_access; techniques: T1190; sources: webserver, linux

Detect SQL Injection Error Messages

medium

Detects server error messages indicative of SQL injection attempts.

sigma; tactics: initial_access; techniques: T1190; sources: webserver, linux
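
A sketch of the first detection described above, added here as an example; it is not this feed's Sigma rule. It assumes a web log that records the URL-encoded POST body and form fields named `username` and `password`; the log format, sample lines and patterns are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Constructed sample lines. Assumed format: ip "METHOD path" status "urlencoded body"
SAMPLE_LOG = '''\
203.0.113.5 "POST /admin/index.php" 200 "username=alice&password=S3cure%21pass"
203.0.113.9 "POST /admin/index.php" 200 "username=admin%27+OR+%271%27%3D%271&password=x"
203.0.113.9 "POST /admin/index.php" 500 "username=admin&password=%27+UNION+SELECT+1%2C2--+"
198.51.100.7 "POST /member/login.php" 200 "username=bob%27s&password=pw"
198.51.100.8 "POST /admin/index.php" 200 "username=o%27brien&password=pw"
'''

LINE_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<method>\S+) (?P<path>\S+)" (?P<status>\d{3}) "(?P<body>[^"]*)"$'
)

# Heuristics applied to the decoded field value. A lone apostrophe is not
# enough to flag (names such as o'brien are legitimate input).
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\b.+?=", re.I),      # quote followed by a boolean condition
    re.compile(r"\bunion\b.+?\bselect\b", re.I),  # UNION ... SELECT
    re.compile(r"'.*(--|#|/\*)"),                 # quote followed by an SQL comment marker
]

def find_suspicious_logins(log_text, path="/admin/index.php",
                           fields=("username", "password")):
    """Return (line_no, ip, field, status) for each flagged login field."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        # Scope the check to the affected login endpoint only.
        if not m or m["path"].split("?")[0] != path:
            continue
        # parse_qsl percent-decodes values, so encoded payloads are matched too.
        params = dict(parse_qsl(m["body"], keep_blank_values=True))
        for field in fields:
            value = params.get(field, "")
            if any(p.search(value) for p in SQLI_PATTERNS):
                # Status is kept so a 5xx can be correlated with error-message alerts.
                hits.append((line_no, m["ip"], field, int(m["status"])))
    return hits

if __name__ == "__main__":
    for hit in find_suspicious_logins(SAMPLE_LOG):
        print(hit)
```
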
