{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/code-projects/","home_page_url":"https://feed.craftedsignal.io/","items":[
{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7632"}],"_cs_exploited":false,"_cs_products":["Online Hospital Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","vulnerability"],"_cs_type":"advisory","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eCVE-2026-7632 is a critical security flaw affecting code-projects Online Hospital Management System version 1.0. The vulnerability lies within the \u003ccode\u003e/viewappointment.php\u003c/code\u003e file, where insufficient input validation allows for SQL injection via the \u003ccode\u003edelid\u003c/code\u003e argument. A remote attacker can exploit this vulnerability to inject arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The exploit is publicly disclosed, increasing the risk of widespread exploitation. This vulnerability poses a significant threat to organizations using the affected system, as it could compromise sensitive patient data and disrupt hospital operations.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies an instance of code-projects Online Hospital Management System 1.0 running the vulnerable \u003ccode\u003e/viewappointment.php\u003c/code\u003e script.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting \u003ccode\u003e/viewappointment.php\u003c/code\u003e with a specially crafted \u003ccode\u003edelid\u003c/code\u003e parameter containing SQL injection payloads.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize the \u003ccode\u003edelid\u003c/code\u003e input, allowing the injected SQL code to be passed to the database.\u003c/li\u003e\n\u003cli\u003eThe injected SQL code is executed against the database server.\u003c/li\u003e\n\u003cli\u003eThe attacker retrieves sensitive data such as patient records, usernames, and passwords from the database using SQL queries like \u003ccode\u003eUNION SELECT\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker may modify or delete data within the database.\u003c/li\u003e\n\u003cli\u003eThe attacker could potentially escalate privileges within the application by manipulating user roles or injecting administrative accounts.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7632 can lead to severe consequences, including unauthorized access to sensitive patient data, such as medical history, personal information, and financial records. Attackers could modify or delete critical data, disrupting hospital operations and potentially impacting patient care. The vulnerability could also allow attackers to gain control of the system, leading to further malicious activities like data exfiltration or ransomware deployment. This poses a significant risk to the privacy and security of patient information.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect SQL Injection in Online Hospital Management System\u003c/code\u003e to your SIEM to identify exploitation attempts targeting the \u003ccode\u003e/viewappointment.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eImplement input validation and sanitization measures in the \u003ccode\u003e/viewappointment.php\u003c/code\u003e script to prevent SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eUpgrade to a patched version of code-projects Online Hospital Management System that addresses CVE-2026-7632 (if available).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-02T14:16:18Z","date_published":"2026-05-02T14:16:18Z","id":"/briefs/2026-05-online-hospital-management-sql-injection/","summary":"CVE-2026-7632 is a SQL injection vulnerability in code-projects Online Hospital Management System 1.0, allowing a remote attacker to execute arbitrary SQL commands by manipulating the 'delid' argument in the '/viewappointment.php' file.","title":"code-projects Online Hospital Management System SQL Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-online-hospital-management-sql-injection/"},
{"_cs_actors":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-7503"}],"_cs_exploited":false,"_cs_products":["Plugin 4.1.2cu.5137"],"_cs_severities":["critical"],"_cs_tags":["buffer-overflow","remote-code-execution","cve-2026-7503"],"_cs_type":"advisory","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eA critical buffer overflow vulnerability, identified as CVE-2026-7503, has been discovered in code-projects Plugin version 4.1.2cu.5137. The vulnerability resides within the \u003ccode\u003esetWiFiMultipleConfig\u003c/code\u003e function in the \u003ccode\u003e/lib/cste_modules/wireless.so\u003c/code\u003e library, which is part of the \u003ccode\u003e/cgi-bin/cstecgi.cgi\u003c/code\u003e executable. Successful exploitation is achieved through manipulation of the \u003ccode\u003ewepkey2\u003c/code\u003e argument, allowing for remote code execution. The vulnerability is considered highly critical due to the availability of a public exploit, increasing the likelihood of widespread exploitation and potential compromise of affected systems. This poses a significant threat to devices utilizing the vulnerable plugin version.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a system running code-projects Plugin 4.1.2cu.5137.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/cgi-bin/cstecgi.cgi\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe request includes a specially crafted payload for the \u003ccode\u003ewepkey2\u003c/code\u003e argument within the \u003ccode\u003esetWiFiMultipleConfig\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe vulnerable function \u003ccode\u003esetWiFiMultipleConfig\u003c/code\u003e processes the malicious input without proper bounds checking.\u003c/li\u003e\n\u003cli\u003eThe oversized \u003ccode\u003ewepkey2\u003c/code\u003e argument overflows the buffer, overwriting adjacent memory regions.\u003c/li\u003e\n\u003cli\u003eThe attacker injects malicious code into the memory space via the buffer overflow.\u003c/li\u003e\n\u003cli\u003eThe injected code executes, granting the attacker control over the affected system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7503 can lead to complete system compromise, allowing attackers to execute arbitrary code, steal sensitive information, or cause denial-of-service conditions. Due to the ready availability of an exploit, any system running the vulnerable code-projects plugin version 4.1.2cu.5137 is at immediate risk. The lack of specific victim numbers or sector targeting information in the provided source does not diminish the critical nature of the vulnerability given the high CVSS score (8.8) and public exploit.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Code-Projects WiFi Configuration Buffer Overflow Attempt\u0026rdquo; to your SIEM to detect exploitation attempts targeting the vulnerable \u003ccode\u003esetWiFiMultipleConfig\u003c/code\u003e function and monitor web server logs (cs-uri-query).\u003c/li\u003e\n\u003cli\u003eApply input validation and sanitization to prevent buffer overflows. This issue occurs within the \u003ccode\u003e/lib/cste_modules/wireless.so\u003c/code\u003e library called by \u003ccode\u003e/cgi-bin/cstecgi.cgi\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious requests targeting the \u003ccode\u003e/cgi-bin/cstecgi.cgi\u003c/code\u003e endpoint, as this is the entry point for exploiting CVE-2026-7503.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-30T22:16:26Z","date_published":"2026-04-30T22:16:26Z","id":"/briefs/2026-04-code-projects-buffer-overflow/","summary":"A buffer overflow vulnerability (CVE-2026-7503) exists in code-projects Plugin 4.1.2cu.5137, allowing a remote attacker to execute arbitrary code by manipulating the 'wepkey2' argument in the 'setWiFiMultipleConfig' function of the '/lib/cste_modules/wireless.so' library, posing a critical risk due to publicly available exploits.","title":"code-projects Plugin 4.1.2cu.5137 Buffer Overflow Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-code-projects-buffer-overflow/"},
{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7131"}],"_cs_exploited":false,"_cs_products":["Online Lot Reservation System"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","cve"],"_cs_type":"advisory","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eA SQL injection vulnerability, identified as CVE-2026-7131, has been discovered in code-projects Online Lot Reservation System version 1.0 and earlier. This vulnerability is located in the \u003ccode\u003e/loginuser.php\u003c/code\u003e file and can be exploited by manipulating the \u003ccode\u003eemail\u003c/code\u003e and \u003ccode\u003epassword\u003c/code\u003e arguments. Successful exploitation could allow a remote attacker to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or deletion. The vulnerability is remotely exploitable and a public exploit is available, increasing the risk of exploitation. Due to the sensitive nature of lot reservation data, organizations using this system are at risk of significant data compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a vulnerable instance of code-projects Online Lot Reservation System version 1.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/loginuser.php\u003c/code\u003e file.\u003c/li\u003e\n\u003cli\u003eWithin the request, the attacker injects SQL code into the \u003ccode\u003eemail\u003c/code\u003e or \u003ccode\u003epassword\u003c/code\u003e parameters.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize the input, passing the malicious SQL code to the database.\u003c/li\u003e\n\u003cli\u003eThe database executes the injected SQL code, treating it as a legitimate query.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to the database, potentially reading sensitive information such as user credentials, reservation details, or financial data.\u003c/li\u003e\n\u003cli\u003eThe attacker may modify or delete data within the database, disrupting the system\u0026rsquo;s functionality.\u003c/li\u003e\n\u003cli\u003eThe attacker can potentially use the compromised database to pivot to other systems or escalate privileges within the network.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7131 can result in unauthorized access to sensitive data within the Online Lot Reservation System. This could include user credentials, reservation details, and financial information. The vulnerability affects systems running code-projects Online Lot Reservation System up to version 1.0. Due to the availability of a public exploit, the risk of exploitation is elevated. A successful attack could lead to data breaches, financial loss, and reputational damage.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply appropriate input validation and sanitization techniques to prevent SQL injection attacks within the \u003ccode\u003e/loginuser.php\u003c/code\u003e file.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect SQL Injection Attempt via Login\u003c/code\u003e to identify potential exploitation attempts against the \u003ccode\u003e/loginuser.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious requests targeting the \u003ccode\u003e/loginuser.php\u003c/code\u003e file, specifically looking for SQL syntax within the \u003ccode\u003eemail\u003c/code\u003e or \u003ccode\u003epassword\u003c/code\u003e parameters.\u003c/li\u003e\n\u003cli\u003eReview and harden database access controls to limit the impact of successful SQL injection attacks.\u003c/li\u003e\n\u003cli\u003eImplement a web application firewall (WAF) with rules to detect and block SQL injection attempts.\u003c/li\u003e\n\u003cli\u003eDisable Javascript to ensure complete website functionality.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-27T15:16:21Z","date_published":"2026-04-27T15:16:21Z","id":"/briefs/2026-04-online-lot-sqli/","summary":"CVE-2026-7131 is a SQL injection vulnerability in code-projects Online Lot Reservation System up to version 1.0, affecting the /loginuser.php component via manipulation of the email/password arguments, which could allow remote attackers to execute arbitrary SQL queries.","title":"Online Lot Reservation System SQL Injection Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-online-lot-sqli/"},
{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7070"}],"_cs_exploited":false,"_cs_products":["Inventory Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["sql-injection","web-application","vulnerability"],"_cs_type":"advisory","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eA SQL injection vulnerability has been identified in code-projects Inventory Management System version 1.0. The vulnerability resides within the Login component and is triggered by manipulating the Username argument. Successful exploitation allows a remote attacker to inject malicious SQL queries, potentially leading to unauthorized access to sensitive data, modification of existing records, or even complete database takeover. The vulnerability, identified as CVE-2026-7070, has a CVSS v3.1 score of 7.3, indicating a high severity. Publicly available exploits exist, increasing the risk of widespread exploitation. This vulnerability poses a significant threat to organizations using the affected Inventory Management System, potentially leading to data breaches and financial losses.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a login form within the code-projects Inventory Management System 1.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious SQL injection payload within the Username field of the login form.\u003c/li\u003e\n\u003cli\u003eThe attacker submits the crafted payload through an HTTP POST request to the login endpoint.\u003c/li\u003e\n\u003cli\u003eThe application fails to properly sanitize or validate the input provided in the Username field.\u003c/li\u003e\n\u003cli\u003eThe unsanitized input is directly incorporated into an SQL query executed against the backend database.\u003c/li\u003e\n\u003cli\u003eThe injected SQL code modifies the intended query, allowing the attacker to bypass authentication or extract data.\u003c/li\u003e\n\u003cli\u003eThe database server executes the modified SQL query, potentially returning sensitive information to the attacker or allowing unauthorized data manipulation.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability can have severe consequences. An attacker can gain unauthorized access to sensitive inventory data, customer information, and financial records. Data modification can lead to incorrect inventory levels, disrupted operations, and financial losses. In a worst-case scenario, the attacker could gain complete control over the database server, leading to a full system compromise. This vulnerability impacts organizations using code-projects Inventory Management System 1.0, potentially affecting their reputation, financial stability, and customer trust.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect SQL Injection Attempts in Web Logs\u003c/code\u003e to identify potential exploitation attempts targeting the Username field in web server logs.\u003c/li\u003e\n\u003cli\u003eApply input validation and sanitization to the Username field in the Login component of code-projects Inventory Management System 1.0 to mitigate CVE-2026-7070.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for unusual SQL syntax or error messages indicative of SQL injection attempts based on the \u003ccode\u003eDetect SQL Injection Attempts in Web Logs\u003c/code\u003e Sigma rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-27T01:16:15Z","date_published":"2026-04-27T01:16:15Z","id":"/briefs/2026-04-inventory-sql-injection/","summary":"A SQL injection vulnerability exists in code-projects Inventory Management System 1.0 within the Login component, specifically affecting the Username argument, where a remote attacker can manipulate the Username parameter, leading to unauthorized data access or modification.","title":"SQL Injection Vulnerability in code-projects Inventory Management System 1.0","url":"https://feed.craftedsignal.io/briefs/2026-04-inventory-sql-injection/"},
{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7063"}],"_cs_exploited":false,"_cs_products":["Employee Management System 1.0"],"_cs_severities":["high"],"_cs_tags":["sqli","cve-2026-7063","web-application"],"_cs_type":"advisory","_cs_vendors":["code-projects"],"content_html":"\u003cp\u003eA SQL injection vulnerability, identified as CVE-2026-7063, has been discovered in code-projects Employee Management System version 1.0. The vulnerability resides within the \u003ccode\u003e/370project/process/eprocess.php\u003c/code\u003e file, specifically affecting the \u003ccode\u003epwd\u003c/code\u003e argument. Successful exploitation allows a remote attacker to inject and execute arbitrary SQL commands against the application\u0026rsquo;s database. Given that the exploit is publicly available, organizations using this system are at immediate risk of unauthorized data access, modification, or deletion. The affected component is the endpoint processing user input, making it a critical point of failure if not properly secured. This vulnerability poses a significant threat due to its ease of exploitation and potential for widespread data compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies an instance of code-projects Employee Management System 1.0 accessible over the network.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/370project/process/eprocess.php\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eWithin the HTTP request, the attacker manipulates the \u003ccode\u003epwd\u003c/code\u003e parameter, injecting SQL code within the parameter\u0026rsquo;s value.\u003c/li\u003e\n\u003cli\u003eThe server-side code fails to properly sanitize or validate the injected SQL code within the \u003ccode\u003epwd\u003c/code\u003e parameter.\u003c/li\u003e\n\u003cli\u003eThe application executes the attacker-controlled SQL query against the database.\u003c/li\u003e\n\u003cli\u003eThe attacker bypasses authentication or gains elevated privileges through the successful SQL injection.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts sensitive data from the database, such as user credentials or financial records.\u003c/li\u003e\n\u003cli\u003eThe attacker may modify or delete data within the database, leading to data corruption or denial of service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability (CVE-2026-7063) can lead to complete compromise of the affected Employee Management System. An attacker can gain unauthorized access to sensitive employee data, including personal information, salaries, and performance reviews. The attacker could modify or delete critical data, disrupt business operations, or use the compromised system as a launchpad for further attacks within the organization\u0026rsquo;s network. Given the public availability of the exploit, organizations failing to address this vulnerability are at a high risk of experiencing a data breach and associated financial and reputational damage.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInspect web server logs for suspicious POST requests to \u003ccode\u003e/370project/process/eprocess.php\u003c/code\u003e containing SQL syntax in the \u003ccode\u003epwd\u003c/code\u003e parameter to identify potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eDeploy the provided Sigma rule to detect exploitation attempts targeting the vulnerable \u003ccode\u003epwd\u003c/code\u003e parameter in the \u003ccode\u003eeprocess.php\u003c/code\u003e file.\u003c/li\u003e\n\u003cli\u003eApply input validation and sanitization to the \u003ccode\u003epwd\u003c/code\u003e parameter in \u003ccode\u003e/370project/process/eprocess.php\u003c/code\u003e to prevent SQL injection, addressing CVE-2026-7063.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-26T23:16:21Z","date_published":"2026-04-26T23:16:21Z","id":"/briefs/2026-04-ems-sqli/","summary":"CVE-2026-7063 is a SQL Injection vulnerability in code-projects Employee Management System 1.0 via the 'pwd' parameter in /370project/process/eprocess.php, enabling remote attackers to execute arbitrary SQL commands.","title":"code-projects Employee Management System SQL Injection Vulnerability (CVE-2026-7063)","url":"https://feed.craftedsignal.io/briefs/2026-04-ems-sqli/"}
],"language":"en","title":"CraftedSignal Threat Feed — Code-Projects","version":"https://jsonfeed.org/version/1.1"}