{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-5034/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["sqli","cve-2026-5034","web-application"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA SQL injection vulnerability, identified as CVE-2026-5034, has been discovered in code-projects Accounting System version 1.0. The vulnerability resides in the \u003ccode\u003e/edit_costumer.php\u003c/code\u003e file within the Parameter Handler component. Attackers can remotely exploit this vulnerability by manipulating the \u003ccode\u003ecos_id\u003c/code\u003e argument. Publicly available exploit code exists, increasing the risk of widespread exploitation. This vulnerability allows unauthenticated remote attackers to potentially execute arbitrary SQL…\u003c/p\u003e\n","date_modified":"2026-03-29T06:16:12Z","date_published":"2026-03-29T06:16:12Z","id":"/briefs/2026-03-code-projects-sqli/","summary":"A remote SQL injection vulnerability exists in code-projects Accounting System 1.0 via manipulation of the 'cos_id' parameter in '/edit_costumer.php', potentially allowing unauthorized database access.","title":"code-projects Accounting System 1.0 SQL Injection Vulnerability (CVE-2026-5034)","url":"https://feed.craftedsignal.io/briefs/2026-03-code-projects-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-5034","version":"https://jsonfeed.org/version/1.1"}