Contact Management System
CVE-2026-2176
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem[0] leads to sql injection. The attack can be executed remotely.
AnalysisAI
SQL injection in code-projects Contact Management System 1.0 allows authenticated remote attackers to manipulate the selecteditem[0] parameter in index.py and execute arbitrary SQL queries. The vulnerability requires valid user credentials but enables data exfiltration, modification, and potential system compromise. No patch is currently available.
Technical ContextAI
Affects Contact Management System. A security vulnerability has been detected in code-projects Contact Management System 1.0. This issue affects some unknown processing of the file index.py. Such manipulation of the argument selecteditem[0] leads to sql injection. The attack can be executed remotely.
RemediationAI
Monitor vendor advisories for a patch. Use parameterized queries. Implement input validation. Restrict network access to the affected service where possible.
More in Contact Management System
View allShare
External POC / Exploit Code
Leaving vuln.today