Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (source: CVE.org)
A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stock_manager.php. Manipulation of the argument txt_search_category causes SQL injection. The attack may be initiated remotely. The exploit has been published and may be used.
Analysis (AI-generated)
SQL injection in CodeAstro Ingredients Stock Management System 1.0 gives authenticated remote attackers a direct path to database manipulation through the unsanitized txt_search_category parameter in /Ingredients-Stock/stock_manager.php. The CVSS vector (PR:L) confirms that low-privilege authentication is required, which partially limits exposure, but a publicly available proof-of-concept on GitHub significantly lowers the exploitation barrier. …
Attack Chain (AI-derived): hypothetical attack flow derived from CVE metadata; the visualization is not reproduced here.
Vulnerability Assessment (AI-generated)

| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires a valid low-privilege user account on the CodeAstro Ingredients Stock Management System (confirmed by the CVSS PR:L designation). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 6.3 Medium score reflects a balanced signal set: AV:N (network-exploitable), AC:L (no special conditions beyond authentication), PR:L (requires any valid low-privilege account), UI:N (no victim interaction), with partial confidentiality, integrity, and availability impact (C:L/I:L/A:L) and unchanged scope (S:U). … |
| Exploit Scenario | An attacker who has obtained or registered a low-privilege account on the Ingredients Stock Management System navigates to the stock manager search interface and submits a crafted SQL payload (e.g., a UNION-based or error-based injection string) in the category search field. The unsanitized input is passed directly into a backend SQL query, allowing the attacker to enumerate database tables, extract credential hashes or other sensitive records, or modify inventory data. … |
| Remediation | No vendor-released patch has been identified at the time of analysis; the VulDB submission at https://vuldb.com/submit/823086 and the vendor site https://codeastro.com/ should be monitored for updates. … |
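The root cause described above, a request parameter interpolated straight into a SQL string, has a standard fix that does not depend on a vendor patch: bind the value through a prepared statement. The following is an added illustration written for this page, not code from CodeAstro or from stock_manager.php (which is not reproduced here). The table name `ingredients`, its columns, the PDO/SQLite demo database and the sample rows are all assumptions; only the parameter name `txt_search_category` comes from the advisory.

```php
<?php
// Added illustration, not the project's code. Table/column names are placeholders.

// Unsafe pattern: the search term is concatenated into the SQL text, so any quote
// or operator inside txt_search_category is parsed as part of the query.
function searchByCategoryUnsafe(PDO $db, string $category): array
{
    $sql = "SELECT id, name, category, quantity FROM ingredients "
         . "WHERE category LIKE '%" . $category . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: the term is bound as a parameter and can only ever be data.
// LIKE wildcards are escaped with '!' so a user cannot widen the match with % or _.
function searchByCategorySafe(PDO $db, string $category): array
{
    $escaped = str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $category);
    $stmt = $db->prepare(
        "SELECT id, name, category, quantity FROM ingredients "
        . "WHERE category LIKE :needle ESCAPE '!'"
    );
    $stmt->execute([':needle' => '%' . $escaped . '%']);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Demo against an in-memory SQLite database with constructed sample rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ingredients (id INTEGER PRIMARY KEY, name TEXT, category TEXT, quantity INTEGER)');
$db->exec("INSERT INTO ingredients (name, category, quantity) VALUES "
        . "('Flour', 'Dry goods', 40), ('Milk', 'Dairy', 12), ('Butter', 'Dairy', 7)");

// In the real application this value would come from the request, e.g. $_GET['txt_search_category'].
$input = $_GET['txt_search_category'] ?? 'Dairy';
print_r(searchByCategorySafe($db, $input));   // constructed data: the two Dairy rows
```

Beyond binding, a search field with a small fixed vocabulary (stock categories) can additionally be validated against the list of categories already stored in the database before the query runs, which turns unexpected input into a plain validation error rather than a database round-trip. When the same approach is ported to MySQL, keep `PDO::ATTR_EMULATE_PREPARES` disabled so the binding happens server-side.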
Related identifiers: EUVD-2026-33570, GHSA-3wx5-jqq8-r5f9