CVE-2026-6164
Received Received - Intake
SQL Injection in Lost and Found Thing Management /addcat.php

Publication date: 2026-04-13

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-13
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2026-04-13
EPSS Evaluated
2026-05-05
NVD
CVE-2026-6164
EUVD
EUVD-2026-21875
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The SQL injection vulnerability in Lost and Found Thing Management 1.0 allows attackers to gain unauthorized access to sensitive data, modify or delete information, and disrupt service availability. Such unauthorized access and data manipulation can lead to breaches of confidentiality, integrity, and availability of data.

This kind of security flaw can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and breaches. Failure to address this vulnerability could result in violations of these regulations, potentially leading to legal penalties, loss of trust, and damage to business continuity.


Can you explain this vulnerability to me?

CVE-2026-6164 is a critical SQL injection vulnerability found in version 1.0 of the Lost and Found Thing Management project, specifically in the /addcat.php file.

The vulnerability occurs because the 'cata' parameter is improperly handled and directly incorporated into SQL queries without proper input validation or sanitization.

This flaw allows attackers to inject malicious SQL code remotely without requiring any authentication or authorization.

Exploitation can lead to unauthorized database access, data extraction, modification or deletion of data, full system control, and potential disruption of service availability.


How can this vulnerability impact me? :

This vulnerability can have severe impacts including unauthorized access to sensitive data stored in the database.

Attackers can modify or delete data, which can compromise data integrity and disrupt normal operations.

It may allow attackers to gain full control over the affected system, potentially leading to further exploitation or service outages.

Overall, it poses a significant threat to system security and business continuity if not addressed promptly.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by testing the 'cata' parameter in the /addcat.php file for SQL injection flaws. A proof-of-concept payload uses a time-based blind SQL injection technique to confirm the vulnerability by causing a deliberate delay in the database response.

One suggested method is to use the sqlmap tool to automate detection and exploitation of the SQL injection vulnerability.

  • Example payload to test manually: cata=111' AND (SELECT 7248 FROM (SELECT(SLEEP(5)))dyme) AND 'CwYZ'='CwYZ
  • Example sqlmap command: sqlmap -u "http://targetsite/addcat.php" --data="cata=111" --technique=T --time-sec=5

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include implementing prepared statements with parameter binding to separate SQL code from user input, preventing injection.

Enforce strict input validation and filtering to ensure inputs conform to expected formats.

Minimize database user privileges by avoiding the use of high-privilege accounts such as root or admin for routine database operations.

Conduct regular security audits of code and systems to identify and address vulnerabilities promptly.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart