Is PHP affected by EUVD-2026-14388?

A critical SQL injection vulnerability in Simple Laundry System v1.0 allows unauthenticated attackers to access and manipulate the organization's database. With a public exploit readily available, this represents an immediate risk to customer data, operational integrity, and regulatory compliance.

EUVD-2026-14388

| CVE-2026-4579 MEDIUM

2026-03-23 VulDB

GHSA-xr35-94xw-8gm8

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

PoC Detected

Apr 03, 2026 - 17:48 vuln.today

Public exploit code

Analysis Generated

Mar 23, 2026 - 07:45 vuln.today

EUVD ID Assigned

Mar 23, 2026 - 07:45 euvd

EUVD-2026-14388

CVE Published

Mar 23, 2026 - 07:36 nvd

MEDIUM 6.9

Description

A vulnerability was identified in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /viewdetail.php of the component Parameters Handler. The manipulation of the argument serviceId leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Analysis

SQL injection in Simple Laundry System 1.0 through the serviceId parameter in /viewdetail.php allows unauthenticated remote attackers to execute arbitrary SQL queries. Public exploit code exists for this vulnerability, and no patch is currently available. …

Remediation

Within 24 hours: Identify all systems running Simple Laundry System v1.0 and isolate from production if feasible; assess whether customer payment or personal data is stored. Within 7 days: Deploy Web Application Firewall (WAF) rules blocking SQL injection patterns on the /viewdetail.php endpoint; implement input validation and parameterized queries if source code access is available. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +34

POC: +20

EUVD-2026-14388 vulnerability details – vuln.today

Back

EUVD-2026-14388

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-14388

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code