CVE-2026-5035
SQL Injection in code-projects Accounting System Parameter Handler
Publication date: 2026-03-29
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sherlock | accounting_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-5035 is a critical SQL injection vulnerability found in the Accounting System Project version 1.0, specifically in the '/view_work.php' file. The issue arises because the 'en_id' GET parameter is used directly in SQL queries without proper input validation or sanitization.
This flaw allows attackers to inject malicious SQL code remotely without any authentication, potentially leading to unauthorized database access, data leakage, data tampering, full system control, and service disruption.
- Boolean-based blind injection using MySQL RLIKE operator
- Error-based injection exploiting MySQL >= 5.0 OR error-based queries
- Time-based blind injection using MySQL SLEEP function
- UNION-based injection to extract data by concatenating hexadecimal-encoded strings
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized access to sensitive data, data leakage, and data tampering. Attackers can gain full control over the affected system, potentially disrupting services and compromising business continuity.
Since exploitation requires no authentication and can be performed remotely, the risk of attack is high, making it critical to address this vulnerability promptly.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability can be detected by testing the 'en_id' parameter in the '/view_work.php' file for SQL injection flaws. This can be done using automated tools like sqlmap, which can execute crafted payloads to confirm the presence of the vulnerability.
- Use sqlmap to test the 'en_id' parameter for SQL injection: sqlmap -u "http://target/view_work.php?en_id=1" --batch
- Perform Boolean-based blind injection tests using MySQL RLIKE operator payloads.
- Conduct error-based injection tests exploiting MySQL >= 5.0 OR error-based queries.
- Try time-based blind injection using MySQL SLEEP function to detect delays.
- Attempt UNION-based injection to extract data by concatenating hexadecimal-encoded strings.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing secure coding practices and restricting database access to minimize the risk of exploitation.
- Implement prepared statements with parameter binding to separate SQL code from user input.
- Apply strict input validation and filtering to ensure inputs conform to expected formats.
- Minimize database user permissions to restrict the impact of potential exploits.
- Conduct regular security audits to detect and remediate vulnerabilities promptly.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The SQL injection vulnerability in the Accounting System 1.0 allows unauthorized access, data leakage, and data tampering, which can lead to exposure of sensitive personal or financial information.
Such unauthorized data access and manipulation can result in non-compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and health information against breaches and unauthorized disclosures.
Failure to mitigate this vulnerability could lead to violations of data protection requirements, potentially resulting in legal penalties, loss of trust, and damage to business continuity.