CVE-2026-1593
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
3Description
A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit_expenses_query.php. Executing a manipulation of the argument detail can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
Analysis
Society Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify and inventory all instances of Society Management System up to version 1.0 in production; assess which systems contain sensitive data and restrict network access to critical instances. Within 7 days: Deploy Web Application Firewall (WAF) rules to block SQL injection patterns targeting this application; implement input validation and parameterized query enforcement if application-level controls are available; consider disabling vulnerable features if non-critical. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today