CVE-2026-6163
SQL Injection in Lost and Found Thing Management /catageory.php
Publication date: 2026-04-13
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| code_projects | lost_and_found_thing_management | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-6163 is a critical SQL injection vulnerability found in version 1.0 of the Lost and Found Thing Management project, specifically in the file /catageory.php.
The vulnerability occurs because the application directly uses the user-supplied 'cat' parameter in SQL queries without proper input validation or sanitization.
This allows attackers to inject malicious SQL code remotely, potentially leading to unauthorized database access, data leakage, data modification or deletion, and even full system compromise or service disruption.
No authentication is required to exploit this vulnerability, making it particularly severe.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to unauthorized access to the database, allowing attackers to view, modify, or delete sensitive data.
It can also result in full system compromise or disruption of services provided by the affected application.
Since no authentication is required, attackers can remotely launch attacks without any prior access.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability can be detected by testing the `cat` parameter in the `/catageory.php` file for SQL injection. One method is to use a time-based blind SQL injection payload that causes a delay in the database response if the injection is successful.
An example payload to test via a POST request is: cat=11111' AND (SELECT 6697 FROM (SELECT(SLEEP(5)))Mgbu) AND 'Rlgi'='Rlgi
Using automated tools like sqlmap can also verify the vulnerability by automating injection detection and exploitation.
- Example sqlmap command: sqlmap -u "http://targetsite/catageory.php" --data="cat=11111" --technique=T --dbms=MySQL
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Use prepared statements with parameter binding to separate SQL code from user input, preventing injection.
- Implement strict input validation and filtering to ensure user inputs conform to expected formats.
- Minimize database user permissions by avoiding the use of high-privilege accounts for routine database operations.
- Conduct regular security audits of code and systems to identify and fix vulnerabilities promptly.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The SQL injection vulnerability in Lost and Found Thing Management 1.0 allows unauthorized access, data leakage, and data modification or deletion. Such unauthorized access and potential data breaches can lead to non-compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data.
Failure to properly secure user input and prevent SQL injection can result in exposure of personal data, violating data protection principles and potentially leading to legal and financial consequences under these regulations.