CVE-2026-5198
SQL Injection in Student Membership System Admin Login Allows Remote Exploit
Publication date: 2026-03-31
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| code-projects | student_membership_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-5198 is a high-severity SQL Injection vulnerability found in the Student Membership System version 1.0, specifically in the administrator login function located in the file /admin/index.php.
The vulnerability occurs because the system constructs an SQL query by directly concatenating the username and password inputs without proper sanitization or parameterization.
This allows an attacker to inject malicious SQL code, such as a universal password payload (' OR '1'='1), into the username field to bypass authentication and gain unauthorized access to the administrator dashboard.
How can this vulnerability impact me? :
Exploitation of this vulnerability allows an attacker to bypass authentication and gain full administrative privileges on the Student Membership System.
- Delete or modify all data within the system.
- Create new administrator accounts.
- Perform other malicious actions with full control over the system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to exploit the SQL injection in the administrator login function by injecting a payload into the username field to bypass authentication.
A common proof-of-concept payload to test for this vulnerability is to use the username value: admin' OR '1'='1 and any password value.
You can use tools like curl or Burp Suite to send a POST request to the /admin/index.php login endpoint with the following parameters:
- username=admin' OR '1'='1
- password=anything
Example curl command to test the vulnerability:
- curl -X POST -d "username=admin' OR '1'='1&password=anything&login=Login" http://targetsite/admin/index.php
If the response indicates successful login without valid credentials, the system is vulnerable.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include modifying the authentication code to use prepared statements (parameterized queries) instead of directly concatenating user inputs into SQL queries.
Additionally, implement secure password handling by using functions such as password_hash() and password_verify() to store and verify passwords securely, rather than storing plaintext passwords.
Avoid using direct string concatenation for SQL queries to prevent SQL injection attacks.
If immediate code changes are not possible, consider restricting access to the /admin/index.php page by IP whitelisting or other access control mechanisms as a temporary measure.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This SQL Injection vulnerability in the Student Membership System allows attackers to bypass authentication and gain full administrative access, potentially leading to unauthorized access, modification, or deletion of sensitive data.
Such unauthorized access and potential data compromise can violate common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information against unauthorized access and breaches.
Failure to secure authentication mechanisms and protect data integrity may result in non-compliance with these regulations, leading to legal and financial consequences.