CVE-2026-0576

7.3 HIGH

📋 TL;DR

This SQL injection vulnerability in code-projects Online Product Reservation System 1.0 allows remote attackers to execute arbitrary SQL commands through manipulated parameters. Attackers can potentially access, modify, or delete database content. All users running version 1.0 are affected.

💻 Affected Systems

Products:
  • code-projects Online Product Reservation System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /handgunner-administrator/prod.php file, specifically via the cat, price, name, model, and serial parameters.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise including data theft, data destruction, and potential remote code execution if database permissions allow.

🟠 Likely Case: Unauthorized data access, data manipulation, and potential privilege escalation within the application.

🟢 If Mitigated: Limited impact with proper input validation and database permissions, potentially only error messages or failed queries.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept available on GitHub, making exploitation straightforward for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization (applies to: all)

Implement parameterized queries and input validation for all user inputs in prod.php. Modify the PHP code to use prepared statements with PDO or mysqli.

Web Application Firewall Rules (applies to: all)

Block SQL injection patterns targeting the vulnerable parameters. Configure the WAF to detect and block SQL injection attempts on /handgunner-administrator/prod.php.
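The prepared-statement workaround above, shown as an added example that is not the project's own code. It contrasts the concatenation pattern that makes the five named parameters injectable with a hardened handler that allow-lists column names, validates the numeric filters and binds every value through PDO. The table name products, its columns and the in-memory SQLite database used for the demonstration are assumptions for illustration (it needs the pdo_sqlite extension); the real prod.php schema is not on this page.

```php
<?php
// Added example, not code from Online Product Reservation System.
// Assumed schema: products(id, cat, price, name, model, serial).
declare(strict_types=1);

// The five prod.php parameters this advisory names as injectable.
const FILTER_COLUMNS = ['cat', 'price', 'name', 'model', 'serial'];

// Vulnerable pattern, for contrast only: request values are concatenated
// straight into the SQL text, so a quote in any parameter alters the query.
function buildQueryUnsafe(array $params): string
{
    $sql = "SELECT * FROM products WHERE 1=1";
    foreach (FILTER_COLUMNS as $col) {
        if (isset($params[$col]) && $params[$col] !== '') {
            $sql .= " AND $col = '" . $params[$col] . "'";
        }
    }
    return $sql;
}

// Hardened version: column names come only from the constant allow-list,
// numeric filters are validated, and every value is bound as a placeholder.
// Returns [sql, bindings] so the query text can be inspected on its own.
function buildQuerySafe(array $params): array
{
    $sql = "SELECT * FROM products WHERE 1=1";
    $bindings = [];
    foreach (FILTER_COLUMNS as $col) {
        if (!isset($params[$col]) || $params[$col] === '') {
            continue;
        }
        $value = $params[$col];
        if ($col === 'cat') {
            if (filter_var($value, FILTER_VALIDATE_INT) === false) {
                throw new InvalidArgumentException('cat must be an integer');
            }
            $value = (int) $value;
        } elseif ($col === 'price') {
            if (filter_var($value, FILTER_VALIDATE_FLOAT) === false) {
                throw new InvalidArgumentException('price must be numeric');
            }
            $value = (float) $value;
        } elseif (!is_string($value) || strlen($value) > 100) {
            throw new InvalidArgumentException("$col must be a short string");
        }
        // $col is from FILTER_COLUMNS, never from the request.
        $sql .= " AND $col = :$col";
        $bindings[":$col"] = $value;
    }
    return [$sql, $bindings];
}

function runSafe(PDO $pdo, array $params): array
{
    [$sql, $bindings] = buildQuerySafe($params);
    $stmt = $pdo->prepare($sql);
    foreach ($bindings as $name => $value) {
        $stmt->bindValue($name, $value, is_int($value) ? PDO::PARAM_INT : PDO::PARAM_STR);
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Demonstration against an in-memory SQLite database (assumed data).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, cat INTEGER, price REAL, name TEXT, model TEXT, serial TEXT)');
$pdo->exec("INSERT INTO products VALUES (1, 1, 9.99, 'Widget', 'W-1', 'SN1'), (2, 2, 19.99, 'Gadget', 'G-2', 'SN2')");

// A constructed hostile value: the unsafe builder lets it change the query
// text; the prepared statement compares it literally and matches nothing.
$hostile = ['name' => "x' OR '1'='1"];
echo buildQueryUnsafe($hostile), "\n";
echo 'safe rows for hostile name: ', count(runSafe($pdo, $hostile)), "\n"; // 0

echo 'rows for cat=2: ', count(runSafe($pdo, ['cat' => '2'])), "\n";       // 1

try {
    runSafe($pdo, ['cat' => '1 OR 1=1']);
} catch (InvalidArgumentException $e) {
    echo 'rejected before reaching the database: ', $e->getMessage(), "\n";
}
```

The validation step matters as much as the binding: rejecting a non-integer cat before prepare() keeps the error in the application rather than in the database, which also gives the log indicators listed below a cleaner signal.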

🧯 If You Can't Patch

  • Restrict access to the /handgunner-administrator/ directory to trusted IP addresses only
  • Run the application's database account with the minimum necessary permissions (read-only if possible)

🔍 How to Verify

Check if Vulnerable:

Test the vulnerable endpoint with SQL injection payloads, e.g. curl 'http://target/handgunner-administrator/prod.php?cat=1', or test with a single quote in the parameters

Check Version:

Check application files for version information or review installation documentation

Verify Fix Applied:

Test with same SQL injection payloads and verify they are rejected or sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed login attempts or parameter manipulation in access logs

Network Indicators:

  • SQL keywords in HTTP GET parameters to prod.php
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND uri="/handgunner-administrator/prod.php" AND (param="*sql*" OR param="*union*" OR param="*select*" OR param="*' OR *")
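The SIEM query above in runnable form, as an added example that is not part of this advisory: a small PHP script that applies the same indicators (SQL keywords and a quote followed by OR in any of the five watched parameters of prod.php) to combined-format access log lines. The three log lines are constructed for illustration; the parser assumes the common Apache/Nginx combined format and would need adjusting for other log layouts.

```php
<?php
// Added example: offline review of web access logs for the indicators in
// the SIEM query above. Log lines are constructed, not real traffic.
declare(strict_types=1);

const TARGET_PATH = '/handgunner-administrator/prod.php';
const WATCHED_PARAMS = ['cat', 'price', 'name', 'model', 'serial'];

// Mirrors the SIEM wildcards: *sql*, *union*, *select*, *' OR *.
const SQLI_PATTERNS = [
    '/\bsql\b/i',
    '/\bunion\b/i',
    '/\bselect\b/i',
    "/'\\s*or\\b/i",
];

// Parse one combined-format line into ip, method, path, decoded query, status.
function parseLogLine(string $line): ?array
{
    if (!preg_match('/^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})/', $line, $m)) {
        return null;
    }
    $parts = parse_url($m[3]);
    $query = [];
    if (isset($parts['query'])) {
        parse_str($parts['query'], $query); // also URL-decodes the values
    }
    return [
        'ip'     => $m[1],
        'method' => $m[2],
        'path'   => $parts['path'] ?? '',
        'query'  => $query,
        'status' => (int) $m[4],
    ];
}

// Return one hit per watched parameter whose value matches an indicator.
function findInjectionIndicators(array $req): array
{
    $hits = [];
    if ($req['path'] !== TARGET_PATH) {
        return $hits;
    }
    foreach (WATCHED_PARAMS as $param) {
        $value = $req['query'][$param] ?? null;
        if (!is_string($value)) {
            continue;
        }
        foreach (SQLI_PATTERNS as $re) {
            if (preg_match($re, $value)) {
                $hits[] = ['param' => $param, 'value' => $value, 'pattern' => $re];
                break;
            }
        }
    }
    return $hits;
}

function scanLog(array $lines): array
{
    $alerts = [];
    foreach ($lines as $line) {
        $req = parseLogLine($line);
        if ($req === null) {
            continue;
        }
        $hits = findInjectionIndicators($req);
        if ($hits !== []) {
            $alerts[] = ['ip' => $req['ip'], 'status' => $req['status'], 'hits' => $hits];
        }
    }
    return $alerts;
}

// Constructed sample: a benign lookup, a tampered cat parameter that also
// produced a 500, and a keyword on an unrelated path that must not alert.
$sample = [
    '10.0.0.5 - - [01/Jan/2026:10:00:00 +0000] "GET /handgunner-administrator/prod.php?cat=2 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2026:10:00:01 +0000] "GET /handgunner-administrator/prod.php?cat=1%27%20OR%201%3D1--&name=x HTTP/1.1" 500 120',
    '10.0.0.6 - - [01/Jan/2026:10:00:02 +0000] "GET /index.php?page=union HTTP/1.1" 200 800',
];

foreach (scanLog($sample) as $alert) {
    foreach ($alert['hits'] as $h) {
        printf("ALERT ip=%s status=%d param=%s value=%s\n",
            $alert['ip'], $alert['status'], $h['param'], $h['value']);
    }
}
// Expected: a single ALERT line for 198.51.100.7 on param=cat.
```

Decoding the query string before matching is the point of the parse_str call: the same indicators applied to the raw, percent-encoded URI would miss the quote. Pairing a hit with a 5xx status, as the second sample line shows, corresponds to the "unusual SQL errors" log indicator above and is a stronger signal than the keyword match alone.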

🔗 References
