Is PHP affected by CVE-2026-4223?

A critical SQL injection vulnerability in the Payroll Management System allows unauthenticated attackers to access, modify, or delete sensitive employee payroll data.

CVE-2026-4223

EUVD-2026-12361 HIGH

2026-03-16 VulDB

7.3

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

PoC Detected

Mar 20, 2026 - 12:52 vuln.today

Public exploit code

Analysis Generated

Mar 16, 2026 - 09:00 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 09:00 euvd

EUVD-2026-12361

CVE Published

Mar 16, 2026 - 07:02 nvd

HIGH 7.3

Description

A vulnerability was identified in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing of the file /manage_employee.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.

Analysis

SQL injection in itsourcecode Payroll Management System 1.0 via the ID parameter in /manage_employee.php allows unauthenticated remote attackers to execute arbitrary SQL queries and access or modify sensitive data. Public exploit code exists for this vulnerability, and no patch is currently available. …

Remediation

Within 24 hours: Identify all systems running Payroll Management System 1.0, isolate affected instances from production networks if possible, and implement emergency access controls. Within 7 days: Deploy Web Application Firewall (WAF) rules to block SQL injection patterns targeting /manage_employee.php, implement input validation at the application layer, and restrict access to the application by IP whitelist. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: +20

CVE-2026-4223 vulnerability details – vuln.today

Back

CVE-2026-4223

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-4223

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code