CVE-2026-29861 - Vulnerability Analysis
N/aLast Updated: April 10, 2026
PHP-MYSQL-User-Login-System - SQL Injection
Published: April 10, 2026Updated: April 10, 2026PoC Available
Overview
PHP-MYSQL-User-Login-System v1.0 contains a sql injection caused by unsanitized username parameter in login.php, letting attackers execute arbitrary SQL commands, exploit requires crafted input.
Severity & Score
Severity: N/a
Impact
Attackers can execute arbitrary SQL commands, potentially leading to data disclosure or modification.
Mitigation
Update to the latest version with SQL injection fixes.
Related Resources
Details
- CVE ID
- CVE-2026-29861
- Severity
- N/a
- Type
- sql_injection
- Status
- new
CVSS Metrics
N/A