CVE-2026-2090
📋 TL;DR
This SQL injection vulnerability in SourceCodester Online Class Record System 1.0 allows remote attackers to execute arbitrary SQL commands via the 'term' parameter in /admin/message/search.php. This can lead to unauthorized data access, modification, or deletion. Organizations using this specific version of the software are affected.
💻 Affected Systems
- SourceCodester Online Class Record System 1.0 (the version named in the CVE description; other versions are not listed as confirmed either way)
⚠️ Manual Verification Required
This CVE entry carries no version range in our database, so automatic vulnerability detection cannot determine whether a given installation is affected.
Why? The CVE description names version 1.0, but the vendor/NVD record provides no version range (no "affected up to" or "fixed in" boundary), so a scanner cannot tell whether a later or earlier build is vulnerable.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the application database (data theft, data destruction) and, if the database account used by the web application has file-write or similar elevated privileges, potential server takeover via SQL injection leading to remote code execution.
Likely Case
Unauthorized access to sensitive student/teacher data, grade manipulation, and potential privilege escalation within the application.
If Mitigated
Limited impact with proper input validation, parameterized queries, and database permission restrictions in place.
🎯 Exploit Status
The vulnerable endpoint sits under /admin/, so an attacker needs an authenticated admin session (or a stolen, default or weak admin credential) to reach it. Once authenticated, the injection itself is straightforward: the 'term' parameter is used in a SQL statement without sanitization or parameterization.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://www.sourcecodester.com/
Restart Required: No
Instructions:
1. Check the vendor website for updates.
2. If no patch is available, implement the workarounds below.
3. Consider replacing the application with alternative software.
🔧 Temporary Workarounds
Parameterized Query / Input Validation
Rewrite the query in /admin/message/search.php to use a prepared statement with the 'term' value bound as a parameter; this is the actual fix. Input filtering (stripping quotes or SQL keywords) can be layered on top but is fragile on its own and should not be relied upon as the sole control.
Access Restriction
Restrict access to the vulnerable admin endpoint.
Add IP allow-listing or an additional authentication layer (for example, web-server level auth) in front of /admin/message/search.php, and make sure admin accounts do not use default or shared passwords, since authentication is the only barrier before the injection.
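The workaround above says to replace string-built SQL with a parameterized query. The following added example (not the application's own PHP code; the schema, rows and column names are constructed stand-ins) reproduces the flaw pattern in Python against an in-memory SQLite table and shows both a tautology and a UNION payload in the 'term' parameter succeeding against the concatenated query and failing against the bound-parameter version. It also escapes LIKE wildcards, a detail parameterization alone does not cover.

```python
import sqlite3

# Constructed sample data standing in for the application's message table and an
# unrelated credentials table. Names and values are illustrative, not the real schema.
SCHEMA = """
CREATE TABLE message (id INTEGER PRIMARY KEY, subject TEXT, body TEXT);
CREATE TABLE admin (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
INSERT INTO message VALUES (1, 'Exam schedule', 'Midterm on Friday');
INSERT INTO message VALUES (2, 'Grades posted', 'Check the portal');
INSERT INTO message VALUES (3, 'Holiday', 'No class Monday');
INSERT INTO admin VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
"""


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def search_vulnerable(conn, term):
    # The flaw pattern: the request parameter is spliced straight into the SQL text,
    # so a quote in 'term' ends the literal and the rest is parsed as SQL.
    sql = "SELECT id, subject, body FROM message WHERE subject LIKE '%" + term + "%'"
    return conn.execute(sql).fetchall()


def search_safe(conn, term):
    # Hardened form: the term is passed as a bound parameter, so it is always data.
    # LIKE metacharacters are escaped as well, otherwise '%' or '_' in 'term' would
    # still act as wildcards (not injection, but an unintended match-everything).
    escaped = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = "SELECT id, subject, body FROM message WHERE subject LIKE ? ESCAPE '\\'"
    return conn.execute(sql, ("%" + escaped + "%",)).fetchall()


# Payloads of the kind that would be sent in the 'term' parameter.
TAUTOLOGY = "x' OR 1=1 --"
UNION_DUMP = "x' UNION SELECT id, username, password_hash FROM admin --"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, tautology :", search_vulnerable(db, TAUTOLOGY))   # all three rows
    print("vulnerable, union     :", search_vulnerable(db, UNION_DUMP))  # admin hash leaks
    print("safe, tautology       :", search_safe(db, TAUTOLOGY))        # []
    print("safe, 'grade'         :", search_safe(db, "grade"))           # row 2 only
```

The `--` in both payloads turns the trailing `%'` of the original query into a comment, which is why a filter that only rejects a trailing quote is not enough; the bound-parameter version needs no such filter because the term never reaches the SQL parser.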
🧯 If You Can't Patch
- Implement web application firewall (WAF) with SQL injection rules
- Isolate the vulnerable system from sensitive networks and implement strict network segmentation
🔍 How to Verify
Check if Vulnerable:
Confirm that /admin/message/search.php exists and, from an authenticated admin session, compare the response to a search whose 'term' contains a single quote (for example term=a') with the response to term=a. A database error message, an HTTP 500, or a result set that differs in a way a literal quote would not explain indicates the parameter reaches the query unsanitized.
Check Version:
Check software version in admin panel or configuration files
Verify Fix Applied:
Repeat the quote probe and simple tautology/UNION attempts (including URL-encoded variants) against the patched endpoint and confirm they return only literal-match results with no database errors.
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- Multiple failed login attempts followed by admin panel access
- Suspicious parameter values in web server logs for search.php
Network Indicators:
- SQL injection patterns in HTTP requests to /admin/message/search.php
- Unusual database connection patterns from web server
SIEM Query (pseudo-syntax; adapt to your platform and match on the URL-decoded query string, since a quote normally arrives as %27 and spaces as + or %20):
source="web_server" AND uri="/admin/message/search.php" AND (param="term" AND value MATCHES "[';]|--|UNION|SELECT")
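The SIEM pseudo-query above only works if the 'term' value is decoded before matching. The following added example (not part of this advisory or the vendor's tooling) runs that detection logic over constructed Apache/nginx combined-format access-log lines: it URL-decodes the query string, extracts 'term' for the vulnerable path only, and flags requests on quote, comment, statement-break or UNION...SELECT signatures rather than bare keywords, so a legitimate search such as "student union" is not reported. The IP addresses, timestamps and payloads are made up for the demonstration.

```python
import re
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/admin/message/search.php"

# Combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status, size
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Signatures are applied to the decoded 'term' value. Bare keyword matches ("or",
# "union") are avoided because they fire on ordinary search text.
SIGNATURES = {
    "quote": re.compile(r"""['"]"""),
    "comment": re.compile(r"--|/\*"),
    "statement_break": re.compile(r";"),
    "union_select": re.compile(r"\bunion\b.*\bselect\b", re.IGNORECASE | re.DOTALL),
    "boolean_tautology": re.compile(r"\b(?:or|and)\b\s+[\w'\"]+\s*=\s*[\w'\"]+", re.IGNORECASE),
}

# Constructed sample log lines (not real traffic).
LOG_LINES = [
    '10.0.0.5 - - [12/Mar/2026:10:01:02 +0000] "GET /admin/message/search.php?term=exam HTTP/1.1" 200 2311',
    '10.0.0.5 - - [12/Mar/2026:10:01:40 +0000] "GET /admin/message/search.php?term=x%27+OR+1%3D1+-- HTTP/1.1" 200 9876',
    '10.0.0.5 - - [12/Mar/2026:10:02:15 +0000] "GET /admin/message/search.php?term=x%27+UNION+SELECT+id%2Cusername%2Cpassword_hash+FROM+admin-- HTTP/1.1" 200 4120',
    '10.0.0.9 - - [12/Mar/2026:10:03:00 +0000] "GET /admin/message/search.php?term=student+union HTTP/1.1" 200 2000',
    '10.0.0.9 - - [12/Mar/2026:10:03:30 +0000] "GET /admin/index.php HTTP/1.1" 200 1500',
]


def parse_line(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def extract_term(target):
    # Return the decoded 'term' parameter, or None if this is not the vulnerable path.
    parts = urlsplit(target)
    if parts.path != TARGET_PATH:
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get("term")
    return values[0] if values else None


def classify(term):
    return [name for name, rx in SIGNATURES.items() if rx.search(term)]


def flag_requests(lines):
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        term = extract_term(rec["target"])
        if term is None:
            continue
        reasons = classify(term)
        if reasons:
            hits.append({"client": rec["client"], "ts": rec["ts"], "term": term, "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in flag_requests(LOG_LINES):
        print(hit["ts"], hit["client"], repr(hit["term"]), hit["reasons"])
```

POST bodies are not in the access log, so if the search form submits via POST this needs request-body logging (for example from a reverse proxy or WAF) rather than the standard access log; double-encoded payloads (%2527) would also need a second decode pass before matching.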