Contact Management System

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-2176 MEDIUM This Month

SQL injection in code-projects Contact Management System 1.0 allows authenticated remote attackers to manipulate the selecteditem[0] parameter in index.py and execute arbitrary SQL queries. The vulnerability requires valid user credentials but enables data exfiltration, modification, and potential system compromise. No patch is currently available.

SQLi Contact Management System
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-2174 HIGH This Week

Improper authentication in the CRUD endpoint of code-projects Contact Management System 1.0 allows unauthenticated remote attackers to manipulate ID parameters and bypass access controls. This vulnerability enables unauthorized users to read, modify, or delete sensitive contact data without valid credentials. No patch is currently available.

Authentication Bypass Contact Management System
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-2176
EPSS 0% CVSS 6.3
MEDIUM This Month

SQL injection in code-projects Contact Management System 1.0 allows authenticated remote attackers to manipulate the selecteditem[0] parameter in index.py and execute arbitrary SQL queries. The vulnerability requires valid user credentials but enables data exfiltration, modification, and potential system compromise. No patch is currently available.

SQLi Contact Management System
NVD VulDB
CVE-2026-2174
EPSS 0% CVSS 7.3
HIGH This Week

Improper authentication in the CRUD endpoint of code-projects Contact Management System 1.0 allows unauthenticated remote attackers to manipulate ID parameters and bypass access controls. This vulnerability enables unauthorized users to read, modify, or delete sensitive contact data without valid credentials. No patch is currently available.

Authentication Bypass Contact Management System
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy