CVE-2026-6182

Received Received - Intake

SQL Injection in Simple CMS /web/admin/login.php Allows Remote Exploit

Publication date: 2026-04-13

Last updated on: 2026-04-29

Assigner: VulDB

Description

A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-04-13

Last Modified

2026-04-29

Generated

2026-05-07

AI Q&A

2026-04-13

EPSS Evaluated

2026-05-05

NVD

CVE-2026-6182

EUVD

EUVD-2026-21980

Affected Vendors & Products

Vendor	Product	Version / Range
code-projects	simple_content_management_system	1.0

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-74	The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
CWE-89	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

CWE ID

Description

CWE-74

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

CWE-89

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Attack-Flow Graph

AI Powered Q&A

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

The vulnerability allows an unauthenticated remote attacker to bypass authentication and gain full administrative access to the Simple Content Management System. This unauthorized access could lead to exposure, modification, or deletion of sensitive data managed by the CMS.

Such unauthorized access and potential data compromise can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information against unauthorized access and breaches.

Therefore, exploitation of this SQL Injection vulnerability could result in violations of data protection requirements, leading to legal and regulatory consequences.

Can you explain this vulnerability to me?

The CVE-2026-6182 vulnerability is a critical SQL Injection flaw found in the admin login page of the Simple Content Management System PHP version 1.0. It occurs because the "user" parameter in the login form is not properly sanitized before being used in an SQL query.

This allows an unauthenticated remote attacker to inject SQL code that bypasses the authentication check, granting full administrative access without valid credentials.

Affected file: /web/admin/login.php
Affected parameter: user
Attack vector: Remote, unauthenticated attacker
Impact: Authentication bypass leading to full admin panel control

How can this vulnerability impact me? :

Exploitation of this vulnerability allows an attacker to bypass authentication and gain full administrative access to the Simple Content Management System.

With this access, the attacker can control the admin panel, including adding or modifying content, which can lead to unauthorized data manipulation, defacement, or further compromise of the system.

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by testing the /web/admin/login.php endpoint for SQL injection on the 'user' parameter.

One way to detect it is by sending a crafted POST request with an SQL injection payload that always evaluates to true, such as: user=test'+or+1=1--+

Example command using curl to test the vulnerability:

curl -X POST -d "user=test'+or+1=1--+-&password=test&submit=Login" http://[target]/web/admin/login.php

If the response indicates successful login or access to the admin panel without valid credentials, the system is vulnerable.

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include:

Restrict access to the /web/admin/login.php page to trusted IP addresses or internal networks.
Implement input validation and sanitization on the 'user' parameter to prevent SQL injection.
Use prepared statements or parameterized queries in the login code to avoid direct concatenation of user input into SQL queries.
Monitor logs for suspicious login attempts containing SQL injection payloads.
If possible, apply patches or updates from the vendor addressing this vulnerability.

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2026-6182

SQL Injection in Simple CMS /web/admin/login.php Allows Remote Exploit

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart