Vulnerabilities ›

CVE-2026-5635

Medium

CWE-74 — Weakness Type

                    Published: Apr 6, 2026                      ·  Modified: Apr 9, 2026                      ·  Source: NVD                

CVSS v3

6.3

🔗 NVD Official

📄 Description (English)

A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Parameter Handler. The manipulation of the argument cid results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

🤖 AI Executive Summary

CVE-2026-5635 is a SQL injection vulnerability in PHPGurukul Online Shopping Portal Project 2.1 affecting the /categorywise-products.php file through the 'cid' parameter. With a CVSS score of 6.3 (medium) and public exploit availability, this vulnerability poses a significant risk to e-commerce platforms and retail organizations in Saudi Arabia. No patch is currently available, requiring immediate compensating controls and input validation hardening.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 19, 2026 16:49

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability primarily impacts Saudi e-commerce platforms, retail organizations, and small-to-medium enterprises (SMEs) using PHPGurukul for online sales. High-risk sectors include: (1) Retail & E-commerce - direct exposure through shopping portals; (2) Banking/SAMA-regulated entities - if integrated with payment processing systems; (3) Government procurement portals - if using this framework; (4) Telecom operators (STC, Mobily, Zain) - if operating e-commerce subsidiaries. SQL injection could lead to unauthorized database access, customer data theft (PII, payment information), inventory manipulation, and potential regulatory violations under SAMA and NCA frameworks.

🏢 Affected Saudi Sectors

Retail & E-commerce Banking & Financial Services Government & Public Sector Telecommunications Healthcare (if using for patient portals) Hospitality & Tourism Small-to-Medium Enterprises (SMEs)

🎯 MITRE ATT&CK Techniques

T1190 - Exploit Public-Facing Application T1566 - Phishing (if combined with social engineering) T1005 - Data from Local System (database exfiltration) T1040 - Traffic Sniffing (potential credential capture) T1110 - Brute Force (credential enumeration via SQL injection) T1021 - Remote Services (lateral movement post-exploitation)

⚖️ Saudi Risk Score (AI)

7.2

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Identify all instances of PHPGurukul 2.1 in your environment using network scanning and asset inventory tools

2. Isolate affected systems from production networks if possible, or implement WAF rules to block malicious requests

3. Review database access logs for suspicious SQL patterns and unauthorized queries

4. Notify customers of potential data exposure and monitor for fraudulent activity

PATCHING GUIDANCE:

1. Upgrade to PHPGurukul version 3.0 or later (if available) or migrate to actively maintained e-commerce platforms

2. If upgrade is not immediately possible, apply the following code-level fixes:

- Replace direct SQL queries with prepared statements using parameterized queries

- Implement input validation: validate 'cid' parameter as integer only using intval() or type casting

- Apply output encoding for all database results

COMPENSATING CONTROLS:

1. Deploy Web Application Firewall (WAF) rules to detect and block SQL injection patterns in the 'cid' parameter

2. Implement database activity monitoring (DAM) to detect anomalous queries

3. Apply principle of least privilege - restrict database user permissions to SELECT only on necessary tables

4. Enable SQL query logging and set up alerts for suspicious patterns

5. Implement rate limiting on /categorywise-products.php endpoint

DETECTION RULES:

1. Monitor for SQL keywords in 'cid' parameter: UNION, SELECT, INSERT, DELETE, DROP, OR, AND, EXEC, SCRIPT

2. Alert on multiple failed database queries from same source IP

3. Track unusual database connection patterns or privilege escalation attempts

4. Log all requests to /categorywise-products.php with parameter values for forensic analysis

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. تحديد جميع نسخ PHPGurukul 2.1 في بيئتك باستخدام أدوات المسح الشبكي وجرد الأصول

2. عزل الأنظمة المتأثرة عن شبكات الإنتاج إن أمكن، أو تطبيق قواعد WAF لحجب الطلبات الضارة

3. مراجعة سجلات الوصول إلى قاعدة البيانات للبحث عن أنماط SQL المريبة والاستعلامات غير المصرح بها

4. إخطار العملاء بالتعرض المحتمل للبيانات ومراقبة النشاط الاحتيالي

إرشادات التصحيح:

1. الترقية إلى إصدار PHPGurukul 3.0 أو أحدث (إن توفر) أو الهجرة إلى منصات تجارة إلكترونية مدعومة بنشاط

2. إذا لم تكن الترقية ممكنة فوراً، طبق الإصلاحات التالية على مستوى الكود:

- استبدل استعلامات SQL المباشرة بعبارات معدة باستخدام استعلامات معاملات

- طبق التحقق من صحة المدخلات: تحقق من معامل 'cid' كعدد صحيح فقط باستخدام intval()

- طبق ترميز الإخراج لجميع نتائج قاعدة البيانات

الضوابط التعويضية:

1. نشر قواعد جدار حماية تطبيقات الويب (WAF) للكشف عن أنماط حقن SQL وحجبها

2. تطبيق مراقبة نشاط قاعدة البيانات (DAM) للكشف عن الاستعلامات الشاذة

3. تطبيق مبدأ أقل امتياز - تقييد أذونات مستخدم قاعدة البيانات على SELECT فقط

4. تفعيل تسجيل استعلامات SQL وإعداد تنبيهات للأنماط المريبة

5. تطبيق تحديد معدل على نقطة نهاية /categorywise-products.php

قواعد الكشف:

1. مراقبة كلمات SQL الرئيسية في معامل 'cid': UNION, SELECT, INSERT, DELETE, DROP, OR, AND, EXEC, SCRIPT

2. تنبيه على استعلامات قاعدة بيانات متعددة فاشلة من نفس عنوان IP المصدر

3. تتبع أنماط اتصال قاعدة البيانات غير العادية أو محاولات تصعيد الامتيازات

4. تسجيل جميع الطلبات إلى /categorywise-products.php مع قيم المعاملات للتحليل الجنائي

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.14.2.1 - Secure development policy and procedures ECC 2024 A.14.2.5 - Secure coding practices and code review ECC 2024 A.14.3.1 - Testing of security functionality ECC 2024 A.13.1.3 - Segregation of development, test and production environments

🔵 SAMA CSF

SAMA CSF 2.1 - Vulnerability Management SAMA CSF 2.2 - Patch Management SAMA CSF 3.1 - Access Control and Authentication SAMA CSF 4.1 - Data Protection and Privacy

🟡 ISO 27001:2022

ISO 27001:2022 A.8.1 - User endpoint devices ISO 27001:2022 A.8.3 - Access control ISO 27001:2022 A.14.2 - Development security ISO 27001:2022 A.14.3 - Testing of information systems

🟣 PCI DSS v4.0.1

PCI DSS 6.2 - Ensure security patches are installed PCI DSS 6.5.1 - Injection flaws prevention PCI DSS 6.5.6 - Parameterized queries requirement PCI DSS 11.3 - Penetration testing and vulnerability scanning

🔗 References & Sources 5

🔗

https://github.com/f1rstb100d/CVE/issues/15

cna@vuldb.com

🔗

https://phpgurukul.com/

cna@vuldb.com

🔗

https://vuldb.com/submit/785872

cna@vuldb.com

🔗

https://vuldb.com/vuln/355423

cna@vuldb.com

🔗

https://vuldb.com/vuln/355423/cti

cna@vuldb.com

📊 CVSS Score

6.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityL — Low / Local

📋 Quick Facts

Severity Medium

CVSS Score6.3

CWECWE-74

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-06

Source Feed nvd

🇸🇦 Saudi Risk Score

7.2

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-74

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-5635

💬 Comments

Introduce Yourself

Sign In Required