CVE-2026-6183
SQL Injection in Simple CMS 1.0 /web/index.php Allows Remote Exploitation
Publication date: 2026-04-13
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| code-projects | simple_content_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-6183 is a SQL Injection vulnerability found in the Simple Content Management System PHP version 1.0, specifically in the file /web/index.php.
The vulnerability occurs because the 'id' parameter in index.php is not properly sanitized before being used in an SQL query.
This allows an unauthenticated remote attacker to manipulate the 'id' parameter in HTTP GET requests to perform a UNION-based SQL injection attack.
By exploiting this flaw, the attacker can extract sensitive information from the database, such as database names, table contents, user credentials, and all stored content.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This SQL Injection vulnerability allows an attacker to extract sensitive information from the database, including user credentials and stored content. Such unauthorized access and potential data breach can lead to non-compliance with data protection regulations like GDPR and HIPAA, which mandate the protection of personal and sensitive data.
Specifically, the exposure of personal data due to this vulnerability could result in violations of confidentiality and integrity requirements, potentially triggering legal and regulatory consequences under these standards.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this SQL Injection vulnerability in Simple Content Management System 1.0, you should immediately apply input validation and sanitization to the 'id' parameter in /web/index.php to prevent malicious SQL code execution.
If a patch or update is available from the vendor, apply it as soon as possible.
As a temporary measure, consider implementing a web application firewall (WAF) to detect and block SQL injection attempts targeting the 'id' parameter.
Restrict access to the vulnerable endpoint if possible, and monitor logs for suspicious activity related to SQL injection attempts.
How can this vulnerability impact me? :
This vulnerability can lead to significant information disclosure and potential full database compromise.
An attacker can remotely exploit this flaw without authentication to access sensitive data stored in the database.
This may include user credentials and all stored content, which can result in data breaches, loss of confidentiality, and potential further attacks on the system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This SQL Injection vulnerability can be detected by sending specially crafted HTTP GET requests to the affected endpoint and observing the responses for signs of SQL injection.
For example, you can test the vulnerability by sending a request like:
- GET /web/index.php?id=1 UNION SELECT 1,database(),3-- -
If the database name or other SQL query results are reflected in the HTTP response, it confirms the presence of the SQL injection vulnerability.
You can use command-line tools such as curl to perform this test:
- curl "http://target-site/web/index.php?id=1 UNION SELECT 1,database(),3-- -"
If the response contains database information, the system is vulnerable.