CVE-2026-5237 in Payroll Management System
Sumário (Inglês)
A security flaw has been discovered in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /manage_user.php of the component Parameter Handler. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Divulgação
01/04/2026
Estado
Confirmado
Inscrições
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidade | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 354388 | itsourcecode Payroll Management System Parameter manage_user.php Injeção SQL | 89 | Prova de conceito | Não definido | CVE-2026-5237 |
Descrição
CPE
CWE
CVSS
Explorações
História
Diferença
Relacionar
Inteligência de ameaças
API JSON
API XML
API CSV