{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-5150/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve-2026-5150"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA critical security vulnerability, identified as CVE-2026-5150, has been discovered in code-projects Accounting System version 1.0. The vulnerability resides within the Parameter Handler component, specifically affecting the \u0026lsquo;/viewin_costumer.php\u0026rsquo; file.  By maliciously manipulating the \u0026lsquo;cos_id\u0026rsquo; argument, a remote attacker can inject arbitrary SQL commands into the application\u0026rsquo;s database queries.  Given the public disclosure of this exploit, the risk of exploitation is elevated.  Successful…\u003c/p\u003e\n","date_modified":"2026-03-30T20:16:24Z","date_published":"2026-03-30T20:16:24Z","id":"/briefs/2026-03-code-projects-sql-injection/","summary":"A remote SQL injection vulnerability (CVE-2026-5150) exists in code-projects Accounting System 1.0 via manipulation of the 'cos_id' argument in /viewin_costumer.php, potentially allowing attackers to execute arbitrary SQL commands.","title":"SQL Injection Vulnerability in code-projects Accounting System 1.0 (CVE-2026-5150)","url":"https://feed.craftedsignal.io/briefs/2026-03-code-projects-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-5150","version":"https://jsonfeed.org/version/1.1"}