CNNVD-202602-2092 Information

CNNVD ID

CNNVD-202602-2092

Related CVE

CVE-2019-25347

• CNNVD Published: 2026-02-12

Description (Chinese)

thesystem是kostasmitroglou个人开发者的一个密码管理项目。 thesystem 1.0版本存在SQL注入漏洞，该漏洞源于对参数username的操作不当，可能导致SQL注入攻击。

Description (English)

The system is a password management project for Kostasmitroglou personal developers. Version 1.0 of the system has an injection loophole in SQL, which results from improper operation of the parameter username, which could lead to an SQL injection attack.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2026-02-12

Last Modified

2026-02-24

References

https://github.com/kostasmitroglou/thesystem https://www.exploit-db.com/exploits/47432 https://www.vulncheck.com/advisories/thesystem-app-username-sql-injection