CVE-2026-4581

CWE-74 CWE-89 — SQL Injection3 documents3 sources

Severity

6.9MEDIUM

EPSS

0.0%

top 89.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Code-projects Simple Laundry System

Timeline

PublishedMar 23

Description

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checklogin.php of the component Parameters Handler. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. If you want to get best quality of vulnerability data, you may have to visit VulDB.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5code-projects/simple_laundry_system1.0

▶NVDcode-projects/simple_laundry_system1.0

🔴Vulnerability Details

GHSA

GHSA-24g2-fgx6-x4g7: A weakness has been identified in code-projects Simple Laundry System 1↗2026-03-23

▶

CVEList

code-projects Simple Laundry System Parameters checklogin.php sql injection↗2026-03-23

▶