Sherlock Accounting System vulnerabilities

CVE-2026-5033 [MEDIUM] CWE-74 CVE-2026-5033: A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_costumer.php of the component Parameter Handler. The manipulation of the argument cos_id results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.

CVE-2026-5034 [MEDIUM] CWE-74 CVE-2026-5034: A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /edit_costumer.php of the component Parameter Handler. This manipulation of the argument cos_id causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.

CVE-2026-5035 [MEDIUM] CWE-74 CVE-2026-5035: A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.