CVE-2026-0699
SQL Injection in Intern Membership System Allows Remote Exploitation
Publication date: 2026-01-08
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| code-projects | intern_membership_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-0699 is a SQL injection vulnerability in the Intern Membership Management System version 1.0, specifically in the file /intern/admin/edit_activity.php. It occurs due to improper handling of the activity_id parameter, allowing an attacker to inject malicious SQL code. This can be exploited remotely and requires some level of authentication. The vulnerability allows attackers to manipulate database queries, potentially gaining unauthorized access to sensitive data and compromising system integrity. [1, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to access or manipulate sensitive data stored in the system's database without authorization. It threatens the confidentiality, integrity, and availability of the system. Attackers could alter or delete data, disrupt system operations, or gain unauthorized access to restricted information, leading to potential data breaches and operational disruptions. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of the vulnerable file `/intern/admin/edit_activity.php` and monitoring for suspicious requests manipulating the `activity_id` parameter. Attackers may use Google dorking with the query `inurl:intern/admin/edit_activity.php` to locate vulnerable targets. Network or web server logs can be searched for requests containing unusual or malicious SQL code in the `activity_id` parameter. Specific commands are not provided, but searching logs for patterns involving `activity_id` or using web vulnerability scanners targeting SQL injection in this endpoint is recommended. [3]
What immediate steps should I take to mitigate this vulnerability?
No known countermeasures or mitigations have been identified for this vulnerability. It is suggested to replace the affected component with an alternative product. Immediate steps include restricting access to the vulnerable script, monitoring for exploitation attempts, and applying any available patches or updates if released. Since the vulnerability requires authentication, reviewing and tightening authentication and authorization controls may reduce risk. [3]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthorized access to sensitive data through SQL injection, which can compromise data confidentiality and integrity. Such a breach could lead to non-compliance with data protection regulations like GDPR and HIPAA that require safeguarding personal and sensitive information. However, no specific details about compliance impact or regulatory consequences are provided in the resources. [1, 3]