CVE-2026-5196

MEDIUM CVSS 6.3 View on NVD ↗

Description

A vulnerability has been found in code-projects Student Membership System 1.0. Impacted is an unknown function of the file /delete_member.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

References

https://code-projects.org/
https://github.com/maidangdang1/CVE/issues/2
https://vuldb.com/submit/780399
https://vuldb.com/vuln/354294
https://vuldb.com/vuln/354294/cti

Published: Mar 31, 2026 09:16 UTC Modified: Mar 31, 2026 09:16 UTC