CVE-2026-2083
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
3Description
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file /delete_post.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
Analysis
SQL injection in the /delete_post.php endpoint of code-projects Social Networking Site 1.0 allows unauthenticated remote attackers to manipulate the ID parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all instances of Social Networking Site 1.0 in production and take inventory of exposure; implement network segmentation to restrict access to /delete_post.php. Within 7 days: Deploy WAF rules to monitor and block suspicious requests to the vulnerable endpoint; enforce additional authentication for post deletion operations. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today