CVE-2026-2162

EUVD-2026-5787
A vulnerability was determined in itsourcecode News Portal Project 1.0. This affects an unknown part of the file /admin/aboutus.php. This manipulation of the argument pagetitle causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
4.7 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
clive_21news_portal_project
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/Wzl731/test/issues/2
https://itsourcecode.com/
https://vuldb.com/?ctiid.344864
https://vuldb.com/?id.344864
https://vuldb.com/?submit.751083