CVE-2026-0576
SQL Injection in code-projects Reservation System Enables Remote Attack
Publication date: 2026-01-04
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| code-projects | online_product_reservation_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-0576 is a critical SQL injection vulnerability in version 1.0 of the code-projects Online Product Reservation System. It occurs in the file /handgunner-administrator/prod.php within the Parameter Handler component. The vulnerability arises because the application improperly handles parameters such as cat, price, name, model, and serial, which are used directly in SQL queries without proper sanitization. This allows remote attackers to inject arbitrary SQL commands, potentially compromising the database. [1, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing remote attackers to execute arbitrary SQL commands on your database without authentication. This can lead to unauthorized access to sensitive data, modification or deletion of data, and disruption of the availability and integrity of your system. The attack is easy to perform and a public exploit is available, increasing the risk of exploitation. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by searching for the vulnerable URL pattern using Google dorking, for example: `inurl:handgunner-administrator/prod.php`. Additionally, testing the affected parameters (cat, price, name, model, serial) for SQL injection by injecting typical SQL payloads (e.g., single quotes, SQL keywords) can help detect the issue. Network monitoring tools can look for suspicious HTTP requests targeting `/handgunner-administrator/prod.php` with unusual parameter values. Specific commands might include using curl or wget to send crafted requests, such as: `curl -G 'http://target/handgunner-administrator/prod.php' --data-urlencode "cat=' OR '1'='1"` to test for SQL injection responses. [1]
What immediate steps should I take to mitigate this vulnerability?
No known mitigations or countermeasures have been documented for this vulnerability. The suggested immediate step is to replace the affected product with an alternative solution. Until a patch or fix is available, restricting access to the vulnerable endpoint and monitoring for exploitation attempts is advisable. [1]