CVE-2026-5035 in code-projects Accounting System
摘要 (英语)
A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
披露
2026-03-29
条目
| 已发布 | 基础 | 临时 | 漏洞 | CWE | 产品 | 可利用 | 对策 | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026-03-27 | 7.3 | 6.6 | code-projects Accounting System Parameter view_work.php SQL注入 | 89 | Accounting Software | 概念验证 | 未定义 | 0.00030 | 2.54 | CVE-2026-5035 |