Loading market data...
← Back to CVE feed

CVE-2026-10170

MEDIUM CVSS 6.3 View on NVD ↗

Description

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone_0.php. This manipulation of the argument phone causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Published: May 31, 2026 07:16 UTC Modified: May 31, 2026 07:16 UTC