CVE-2026-26884
SQL Injection in Simple Online Men's Salon Management System
Publication date: 2026-03-03
Last updated on: 2026-03-04
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oretnom23 | simple_online_men's_salon_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "The vulnerability is an SQL Injection found in the Simple Online Men's Salon Management System v1.0, specifically in the file /msms/admin/appointments/view_appointment.php. It occurs because the 'id' parameter in a GET request is not properly sanitized before being used in an SQL query."}, {'type': 'paragraph', 'content': "An attacker can exploit this by injecting malicious SQL code through the 'id' parameter, such as using a UNION-based SQL injection payload to retrieve sensitive information like the database name. This allows the attacker to execute arbitrary SQL commands on the backend database."}] [1]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized disclosure of sensitive data stored in the backend database. An attacker can retrieve information such as database names and potentially other confidential data.
Beyond data disclosure, the attacker might manipulate the database by executing arbitrary SQL commands, which could result in data corruption, deletion, or unauthorized modification.
Since the vulnerability can be exploited remotely via a web browser, it poses a significant security risk to the system and its data integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This SQL injection vulnerability can be detected by sending crafted HTTP GET requests to the vulnerable endpoint and observing the response for SQL errors or unexpected data.'}, {'type': 'paragraph', 'content': "A typical detection command involves requesting the URL with a malicious payload in the 'id' parameter, such as:"}, {'type': 'list_item', 'content': 'curl "http://<target>/msms/admin/appointments/view_appointment.php?id=-1\' union select 1,database(),3,4,5,6,7,8,9--+"'}, {'type': 'paragraph', 'content': 'If the response contains the database name or SQL error messages, it indicates the presence of the SQL injection vulnerability.'}, {'type': 'paragraph', 'content': "Additionally, using web vulnerability scanners that test for SQL injection on the 'id' parameter of this endpoint can help detect the issue."}] [1]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'Immediate mitigation steps include:'}, {'type': 'list_item', 'content': 'Restrict access to the vulnerable endpoint (/msms/admin/appointments/view_appointment.php) to trusted users only.'}, {'type': 'list_item', 'content': "Apply input validation and sanitization on the 'id' parameter to prevent SQL injection."}, {'type': 'list_item', 'content': 'Use prepared statements or parameterized queries in the backend code to safely handle user inputs.'}, {'type': 'list_item', 'content': 'Change default credentials (admin/admin123) to strong, unique passwords to prevent unauthorized access.'}, {'type': 'list_item', 'content': "Monitor logs for suspicious requests targeting the 'id' parameter."}, {'type': 'paragraph', 'content': 'Ultimately, update or patch the application to a version that fixes this vulnerability once available.'}] [1]