EUVD-2026-14392
GHSA-24g2-fgx6-x4g7
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A weakness has been identified in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checklogin.php of the component Parameters Handler. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
SQL injection in Simple Laundry System 1.0's /checklogin.php parameter handler allows unauthenticated remote attackers to manipulate the Username field and execute arbitrary database queries. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all systems running Simple Laundry System 1.0 and assess business criticality; isolate affected systems from production networks if possible. Within 7 days: Implement Web Application Firewall (WAF) rules to block SQL injection patterns targeting /checklogin.php; enable comprehensive logging and monitoring for suspicious authentication attempts; restrict network access to the application to authorized users only. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today