CVE-2026-5575: SQL Injection in jkev Record Management System 1.0
Platform
php
Component
jkev
CVE-2026-5575 represents a SQL Injection vulnerability discovered within the SourceCodester/jkev Record Management System, specifically impacting versions 1.0.0 through 1.0. This flaw allows attackers to inject malicious SQL code through the manipulation of the Username argument within the Login functionality of the index.php file. Successful exploitation could lead to unauthorized data access or modification, highlighting the importance of immediate mitigation. Currently, no official patch is available.
How to fix
Actualice el sistema Record Management System a una versión corregida. Verifique la fuente oficial (SourceCodester) para obtener la última versión y las instrucciones de actualización. Como explotación es pública, se recomienda aplicar la corrección lo antes posible.
Frequently asked questions
What is CVE-2026-5575?
CVE-2026-5575 is a SQL Injection vulnerability in the SourceCodester/jkev Record Management System. It allows attackers to inject malicious SQL code by manipulating the Username parameter in the login process, potentially compromising the database.
Am I affected by CVE-2026-5575?
You are potentially affected if you are using SourceCodester/jkev Record Management System version 1.0.0 through 1.0. The vulnerability resides in the Login functionality of the index.php file.
How can I fix or mitigate CVE-2026-5575?
As of now, no official patch is available. Mitigation strategies include restricting access to the vulnerable endpoint, implementing robust input validation and sanitization, and using parameterized queries to prevent SQL Injection.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free