CVE-2026-5035

HIGH

A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS v3.1 Score

7.3
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
Published: 3/29/2026Modified: 3/30/2026

Related Intelligence (1)

CRITICALVulnerability

NVD CRITICAL: CVE-2026-5035 — A vulnerability has been found in code-projects Accounting System 1.0. This affe...

A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2026-5035
NIST NVD

References (5)

https://code-projects.org/Producthttps://github.com/Xu-Zhihan/CVE/issues/8ExploitIssue Trackinghttps://vuldb.com/submit/778603Third Party AdvisoryVDB Entryhttps://vuldb.com/vuln/353961VDB EntryThird Party Advisoryhttps://vuldb.com/vuln/353961/ctiVDB EntryPermissions Required