CNNVD-202602-2093 Information

CNNVD ID

CNNVD-202602-2093

Related CVE

CVE-2019-25346

• CNNVD Published: 2026-02-12

Description (Chinese)

thesystem是kostasmitroglou个人开发者的一个密码管理项目。 TheSystem 1.0版本存在SQL注入漏洞，该漏洞源于对参数server_name的操作不当，可能导致SQL注入攻击。

Description (English)

The system is a password management project for Kostasmitroglou personal developers. Version 1.0 of The System has an injection loophole in SQL, which results from inappropriate handling of the parameter server name, which could lead to an SQL injection attack.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2026-02-12

Last Modified

2026-02-24

References

https://github.com/kostasmitroglou/thesystem https://www.exploit-db.com/exploits/47430 https://www.vulncheck.com/advisories/thesystem-servername-sql-injection