Is PHP affected by CVE-2026-4533?

Organizations using A vulnerability should be aware of moderate risk from CVE-2026-4533, a SQL injection vulnerability rated CVSS 6.3. Exploitation could allow attackers to execute code or inject malicious input. Proof-of-concept code is publicly available.

CVE-2026-4533

EUVD-2026-14271 MEDIUM

2026-03-22 VulDB

5.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Apr 02, 2026 - 20:51 vuln.today

Public exploit code

Analysis Generated

Mar 22, 2026 - 02:30 vuln.today

EUVD ID Assigned

Mar 22, 2026 - 02:30 euvd

EUVD-2026-14271

CVE Published

Mar 22, 2026 - 02:02 nvd

MEDIUM 5.3

Description

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

Analysis

SQL injection in Simple Food Ordering System 1.0 allows authenticated remote attackers to manipulate the Status parameter in all-tickets.php and execute arbitrary SQL queries. Public exploit code exists for this vulnerability, enabling attackers with valid credentials to read, modify, or delete database contents. …

Remediation

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Validate input sanitization for user-controlled parameters.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +26

POC: +20

CVE-2026-4533 vulnerability details – vuln.today

Back

CVE-2026-4533

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-4533

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code