CVE-2026-5666

MEDIUM CVSS 5.3 View on NVD ↗

Description

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be performed from remote. The exploit is now public and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

https://code-projects.org/
https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/Sensitive%20Information%20Disclosure%20in%20Online%20FIR%20System%20PHP%20Exposed%20Database%20Backup.md
https://vuldb.com/submit/786322
https://vuldb.com/vuln/355489
https://vuldb.com/vuln/355489/cti

Published: Apr 06, 2026 16:16 UTC Modified: Apr 06, 2026 16:16 UTC