CVE-2026-10110
SQL Injection in Student Details Management System
Publication date: 2026-05-30
Last updated on: 2026-05-30
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-10110 is a critical SQL injection vulnerability found in the Student Details Management System version 1.0, specifically in the index.php file.
The vulnerability arises because the 'roll' parameter is directly concatenated into a raw SQL query without any sanitization or input validation, allowing unauthenticated attackers to inject arbitrary SQL commands.
This flaw can be exploited remotely via the public-facing student search form, enabling attackers to perform UNION-based data extraction, full database enumeration, and credential theft from the admin table.
The vulnerable code is located in lines 51β59 of index.php, where $_POST parameters are used directly in SQL queries.
How can this vulnerability impact me? :
This vulnerability can have severe impacts including full database access by attackers, exposure of sensitive credentials, and potential system compromise.
Attackers can bypass authentication, dump sensitive data such as student and admin information, and escalate privileges to other applications sharing the same MySQL instance.
Such exploitation can lead to unauthorized data disclosure, loss of data integrity, and availability issues within the affected system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the 'roll' parameter in the public-facing student search form for SQL injection. Since the parameter is directly concatenated into SQL queries without sanitization, sending specially crafted SQL payloads can reveal the flaw.
A common detection method is to send SQL injection test payloads such as a single quote (') or UNION-based queries in the 'roll' parameter and observe the response for SQL errors or unexpected data.
Example command using curl to test the vulnerability:
- curl -X POST -d "roll=1' OR '1'='1" http://target/index.php
- curl -X POST -d "roll=1 UNION SELECT user(), database(), version()-- " http://target/index.php
If the response contains database information or no error is thrown, it indicates the presence of the SQL injection vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Implement prepared statements with bound parameters in the code to prevent SQL injection.
- Disable verbose error output in production environments to avoid leaking database or query information.
- Restrict access to the vulnerable endpoint or temporarily disable the student search form until a patch is applied.
- Monitor logs for suspicious activity targeting the 'roll' parameter.
Long-term remediation involves code review and refactoring to ensure all user inputs are properly sanitized and validated.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This SQL injection vulnerability allows unauthenticated attackers to extract sensitive data, including credentials from the admin table, and potentially escalate privileges. Such unauthorized access and data exposure can lead to violations of data protection regulations like GDPR and HIPAA, which mandate the protection of personal and sensitive information.
The compromise of confidential student and administrative data through this vulnerability could result in non-compliance with these standards, as it undermines the confidentiality, integrity, and availability of protected data.