CVE-2026-3200
BaseFortify
Publication date: 2026-02-25
Last updated on: 2026-04-29
Assigner: VulDB
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3200 is a SQL injection vulnerability found in the Z-9527 Admin application versions 1.0 and 2.0. It affects multiple functions such as checkName, register, login, getUser, and getUsers within the file /server/controller/user.js. The vulnerability occurs because user-supplied inputs, like the username or startTime parameters, are directly concatenated into SQL queries without proper sanitization or use of parameterized queries. This flaw allows attackers, both authenticated and unauthenticated, to inject malicious SQL code remotely.
Exploitation techniques include bypassing password verification to obtain valid authentication tokens, performing UNION-based SQL injection to extract sensitive data, and conducting time-based blind SQL injection attacks to infer database information. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command) and can lead to account takeover, data exposure, and full system compromise.
How can this vulnerability impact me?
This vulnerability can have severe impacts including unauthorized account takeover by bypassing authentication mechanisms, exposure of sensitive data stored in the database, and potential full system compromise. Attackers can extract credentials, escalate privileges, and manipulate or disrupt the availability and integrity of the affected system.
Because the exploit is publicly available and the vulnerability can be exploited remotely without authentication in some cases, the risk of attack is high. This can lead to loss of confidentiality, integrity, and availability of critical data and services.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for SQL injection patterns in requests to the affected endpoints such as /user/login, /user/getUser, /user/register, /user/checkName, and /user/getUsers. Network or application logs should be inspected for suspicious input that includes SQL syntax or payloads attempting to manipulate SQL queries.
Commands to detect this vulnerability include using web application firewall (WAF) logs or intrusion detection systems (IDS) to identify SQL injection attempts. For example, using tools like sqlmap to test the endpoints for SQL injection vulnerabilities can help detect exploitation.
- Use sqlmap to test the /user/login endpoint: sqlmap -u "http://target/user/login" --data="username=admin&password=pass" --risk=3 --level=5
- Monitor web server logs for suspicious SQL injection payloads in parameters such as username or startTime.
- Deploy WAF rules that detect common SQL injection patterns and review alerts generated by these rules.
[1, 2, 3, 4, 5, 6]
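The log-monitoring approach described above, as an added example that is not part of the BaseFortify record or of the affected product: it parses access-log lines, keeps only requests to the endpoints named in this record, and flags parameter values that carry SQL syntax (quote-breaks, UNION SELECT, time-delay functions, comment terminators, stacked statements). The endpoint paths and the username/startTime parameter names come from the record; the log format, IP addresses, timestamps and payload values in SAMPLE_LOG are constructed for the demo.

```javascript
// Added example (not BaseFortify's or the Z-9527 Admin project's code): scan web
// server access-log lines for SQL-injection-looking input aimed at the endpoints
// named in this record. Log format and log lines below are constructed.
const AFFECTED_PATHS = new Set([
  "/user/login", "/user/getUser", "/user/register", "/user/checkName", "/user/getUsers",
]);

// Patterns that are rarely legitimate in a username or timestamp parameter.
const SQLI_PATTERNS = [
  { name: "quote-break", re: /['"`]\s*(or|and)\b/i },
  { name: "union-select", re: /\bunion\b[\s\S]*\bselect\b/i },
  { name: "time-based", re: /\b(sleep|benchmark|pg_sleep|waitfor)\s*\(/i },
  { name: "comment-terminator", re: /(--|#|\/\*)/ },
  { name: "stacked-query", re: /;\s*(drop|insert|update|delete|select)\b/i },
];

// Parse one constructed access-log line of the form
//   <ip> [<timestamp>] "<METHOD> <path?query> HTTP/1.1" <status>
// Returns null for lines that do not match, so junk lines are skipped.
function parseLogLine(line) {
  const m = line.match(/^(\S+) \[([^\]]+)\] "(\w+) (\S+) HTTP\/[\d.]+" (\d{3})/);
  if (!m) return null;
  const [, ip, ts, method, target, status] = m;
  const url = new URL(target, "http://localhost"); // base only to parse a relative path
  return { ip, ts, method, path: url.pathname, params: url.searchParams, status: Number(status) };
}

// Return one finding per suspicious parameter on an affected endpoint.
function scanLogLines(lines) {
  const findings = [];
  for (const line of lines) {
    const entry = parseLogLine(line);
    if (!entry || !AFFECTED_PATHS.has(entry.path)) continue;
    for (const [param, value] of entry.params) { // values are URL-decoded here
      for (const { name, re } of SQLI_PATTERNS) {
        if (re.test(value)) {
          findings.push({ ip: entry.ip, ts: entry.ts, path: entry.path, param, pattern: name, value });
          break; // first matching pattern is enough for triage
        }
      }
    }
  }
  return findings;
}

// Constructed sample: three benign requests and three suspicious ones.
const SAMPLE_LOG = [
  '10.0.0.5 [25/Feb/2026:10:00:01 +0000] "GET /user/checkName?username=alice HTTP/1.1" 200',
  '10.0.0.5 [25/Feb/2026:10:00:02 +0000] "GET /user/getUsers?startTime=2026-02-01 HTTP/1.1" 200',
  '203.0.113.9 [25/Feb/2026:10:05:10 +0000] "GET /user/getUser?username=admin%27%20OR%20%271%27%3D%271 HTTP/1.1" 200',
  '203.0.113.9 [25/Feb/2026:10:05:11 +0000] "GET /user/getUsers?startTime=1%20UNION%20SELECT%20username%2Cpassword%20FROM%20users HTTP/1.1" 200',
  '203.0.113.9 [25/Feb/2026:10:05:12 +0000] "GET /user/checkName?username=x%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200',
  '10.0.0.7 [25/Feb/2026:10:06:00 +0000] "GET /static/app.js?v=3 HTTP/1.1" 200',
];

console.log(JSON.stringify(scanLogLines(SAMPLE_LOG), null, 2));
```

The scanner is deliberately narrow: it only looks at query-string parameters of the five endpoints, so it produces few false positives on an ordinary log, and the same patterns can be lifted into a WAF or IDS rule. POST bodies (the /user/login form in the sqlmap line above) are not in an access log, so a body-aware proxy or application log is needed to cover them with the same logic.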
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing all string concatenation in SQL queries with parameterized queries or prepared statements to prevent injection.
Enforce strict server-side input validation and sanitization on all user inputs, especially those related to username and other query parameters.
Apply the principle of least privilege to database accounts used by the application to limit the impact of any potential exploitation.
Deploy Web Application Firewall (WAF) rules that detect and block common SQL injection attack patterns.
Conduct comprehensive security audits of all database query constructions throughout the codebase to identify and fix similar vulnerabilities.
Consider replacing the affected product with an alternative if patches or vendor support are unavailable.
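The first two mitigation steps (parameterized queries and strict server-side validation) as an added JavaScript example; this is not code from the Z-9527 Admin project, whose /server/controller/user.js is not reproduced here. The concatenating builder is a hypothetical "before" showing the pattern the record describes; the table and column names, the validation rules and the function names are assumptions. The safe builders return a constant SQL template plus a parameter array, which is the shape placeholder-based Node.js drivers accept.

```javascript
// Added example (not code from BaseFortify or the Z-9527 Admin project): the
// concatenation pattern this record describes, beside a hardened equivalent.
// Table and column names are assumptions for the demo.

// Hypothetical "before": user input is glued into the SQL text, so the input can
// change the statement's structure. Kept only to contrast with the safe builder.
function buildGetUserUnsafe(username) {
  return "SELECT id, username, role FROM users WHERE username = '" + username + "'";
}

// Allow-list validation (assumed rules): reject anything that is not a plausible
// username or ISO calendar date before it gets near the database.
const USERNAME_RE = /^[A-Za-z0-9_.-]{3,32}$/;
const DATE_RE = /^\d{4}-\d{2}-\d{2}$/;

function validateUsername(username) {
  if (typeof username !== "string" || !USERNAME_RE.test(username)) {
    throw new TypeError("invalid username");
  }
  return username;
}

function validateStartTime(startTime) {
  if (typeof startTime !== "string" || !DATE_RE.test(startTime) || Number.isNaN(Date.parse(startTime))) {
    throw new TypeError("invalid startTime");
  }
  return startTime;
}

// Hardened form: the SQL text is a fixed template with a placeholder; the value
// travels separately in params and is never parsed as SQL by the database.
function buildGetUserSafe(username) {
  return {
    sql: "SELECT id, username, role FROM users WHERE username = ?",
    params: [validateUsername(username)],
  };
}

function buildGetUsersSafe(startTime) {
  return {
    sql: "SELECT id, username, created_at FROM users WHERE created_at >= ? ORDER BY created_at",
    params: [validateStartTime(startTime)],
  };
}

// Illustrative check: count SQL keywords in the final statement text. For the
// concatenating builder the count depends on the input; for the safe builder the
// template is constant, so the count never changes.
function countKeywords(sql) {
  return (sql.match(/\b(select|union|or|and|sleep)\b/gi) || []).length;
}

// Constructed inputs: one ordinary value and one carrying SQL syntax.
const BENIGN = "alice";
const HOSTILE = "admin' OR '1'='1";

console.log(buildGetUserUnsafe(HOSTILE)); // statement structure altered by the input
console.log(buildGetUserSafe(BENIGN));    // template unchanged, value carried in params
```

With a real driver the call is the same shape, for example `conn.execute(q.sql, q.params)` in mysql2 or `client.query(q.sql, q.params)` in pg (with `$1` instead of `?`). Validation is the second layer, not a substitute for the placeholder: the template alone already stops the quote-break, and the allow-list additionally rejects malformed input before any query is issued, which also gives the WAF and log monitoring from the detection section a cleaner signal.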