Severity by source
NVD (primary rating; only source for this CVE):
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (CVE.org)
A vulnerability was detected in CodeAstro Ingredients Stock Management System 1.0. This impacts an unknown function of the file /Ingredients-Stock/add_stock.php. The manipulation of the argument ID results in SQL injection. The attack may be launched remotely. The exploit is now public and may be used.
Analysis (AI)
SQL injection in CodeAstro Ingredients Stock Management System 1.0 exposes the /Ingredients-Stock/add_stock.php endpoint to authenticated remote attackers who can manipulate the ID parameter to execute arbitrary SQL commands against the backend database. The attack is network-accessible with low complexity, enabling unauthorized data exfiltration, record manipulation, and potential escalation within the database tier. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires a valid low-privilege authenticated session on the CodeAstro Ingredients Stock Management System, as confirmed by the CVSS vector `PR:L` (Low Privileges Required). … |
| Risk Assessment | The CVSS 6.3 base score reflects a network-reachable (AV:N), low-complexity (AC:L), low-privilege-required (PR:L) attack with no user interaction (UI:N), yielding partial confidentiality, integrity, and availability impact (C:L/I:L/A:L). … |
| Exploit Scenario | An attacker with a valid low-privilege account on the CodeAstro application sends a crafted HTTP POST or GET request to `/Ingredients-Stock/add_stock.php` with a SQL payload embedded in the `ID` parameter (e.g., `1 UNION SELECT table_name,null FROM information_schema.tables--`), causing the application to return database schema or record contents in the response. A public proof-of-concept is available via a GitHub issue (https://github.com/yihaofuweng/cve/issues/66), meaning the exploitation technique is documented and reproducible with minimal effort by any authenticated user. |
| Remediation | No vendor-released patch or fixed version has been identified in the available data: the CPE wildcard and the absence of a patch reference in VulDB suggest no upstream fix has been published as of this analysis. … |
Related identifiers
- EUVD-2026-35026
- GHSA-c2x4-3659-mm9x