CVE-2026-3746
SourceCodester Simple Responsive Tourism Website Login Login.php sql injection
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.9EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
08 mar 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
SourceCodester · Simple Responsive Tourism WebsiteQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →