CVE-2026-3200
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2026-02-25

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in z-9527 admin 1.0/2.0. The affected element is the function checkName/register/login/getUser/getUsers of the file /server/controller/user.js. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-02-25
EPSS Evaluated
2026-06-14
NVD
CVE-2026-3200
EUVD
EUVD-2026-8744
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-3200 is a SQL injection vulnerability found in the Z-9527 Admin application versions 1.0 and 2.0. It affects multiple functions such as checkName, register, login, getUser, and getUsers within the file /server/controller/user.js. The vulnerability occurs because user-supplied inputs, like the username or startTime parameters, are directly concatenated into SQL queries without proper sanitization or use of parameterized queries. This flaw allows attackers, both authenticated and unauthenticated, to inject malicious SQL code remotely.

Exploitation techniques include bypassing password verification to obtain valid authentication tokens, performing UNION-based SQL injection to extract sensitive data, and conducting time-based blind SQL injection attacks to infer database information. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command) and can lead to account takeover, data exposure, and full system compromise.

Impact Analysis

This vulnerability can have severe impacts including unauthorized account takeover by bypassing authentication mechanisms, exposure of sensitive data stored in the database, and potential full system compromise. Attackers can extract credentials, escalate privileges, and manipulate or disrupt the availability and integrity of the affected system.

Because the exploit is publicly available and the vulnerability can be exploited remotely without authentication in some cases, the risk of attack is high. This can lead to loss of confidentiality, integrity, and availability of critical data and services.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring for SQL injection patterns in requests to the affected endpoints such as /user/login, /user/getUser, /user/register, /user/checkName, and /user/getUsers. Network or application logs should be inspected for suspicious input that includes SQL syntax or payloads attempting to manipulate SQL queries.'}, {'type': 'paragraph', 'content': 'Commands to detect this vulnerability include using web application firewall (WAF) logs or intrusion detection systems (IDS) to identify SQL injection attempts. For example, using tools like sqlmap to test the endpoints for SQL injection vulnerabilities can help detect exploitation.'}, {'type': 'list_item', 'content': 'Use sqlmap to test the /user/login endpoint: sqlmap -u "http://target/user/login" --data="username=admin&password=pass" --risk=3 --level=5'}, {'type': 'list_item', 'content': 'Monitor web server logs for suspicious SQL injection payloads in parameters such as username or startTime.'}, {'type': 'list_item', 'content': 'Deploy WAF rules that detect common SQL injection patterns and review alerts generated by these rules.'}] [1, 2, 3, 4, 5, 6]

Mitigation Strategies

Immediate mitigation steps include replacing all string concatenation in SQL queries with parameterized queries or prepared statements to prevent injection.

Enforce strict server-side input validation and sanitization on all user inputs, especially those related to username and other query parameters.

Apply the principle of least privilege to database accounts used by the application to limit the impact of any potential exploitation.

Deploy Web Application Firewall (WAF) rules that detect and block common SQL injection attack patterns.

Conduct comprehensive security audits of all database query constructions throughout the codebase to identify and fix similar vulnerabilities.

Consider replacing the affected product with an alternative if patches or vendor support are unavailable.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-3200. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart