NextGuard
UNKNOWNCVE-2026-5035

code-projects Accounting System Parameter view_work.php sql injection

Platform

php

Component

cve

View on NVD

A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

How to fix

Actualizar el sistema Accounting System a una versión posterior a la 1.0 o aplicar un parche que corrija la vulnerabilidad de inyección SQL en el archivo view_work.php. Se recomienda validar y limpiar las entradas del usuario, especialmente el parámetro en_id, antes de utilizarlas en consultas SQL.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free