Vulnerabilities ›

CVE-2026-5824

High

CWE-74 — Weakness Type

                    Published: Apr 9, 2026                      ·  Modified: Apr 15, 2026                      ·  Source: NVD                

CVSS v3

7.3

🔗 NVD Official

📄 Description (English)

A security vulnerability has been detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /userchecklogin.php. Such manipulation of the argument userid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

🤖 AI Executive Summary

CVE-2026-5824 is a SQL injection vulnerability in Simple Laundry System 1.0 affecting the /userchecklogin.php file through the userid parameter. Remote attackers can exploit this publicly disclosed vulnerability without authentication to compromise database integrity and confidentiality.

📄 Description (Arabic)

ثغرة حقن SQL في نظام الغسيل البسيط الإصدار 1.0 تؤثر على ملف /userchecklogin.php حيث لا يتم التحقق من صحة معامل userid بشكل صحيح. يمكن للمهاجمين تنفيذ أوامر SQL عشوائية للوصول إلى بيانات حساسة أو تعديلها.

🤖 ملخص تنفيذي (AI)

A SQL injection flaw exists in Simple Laundry System 1.0 where the userid parameter in /userchecklogin.php is not properly sanitized. Attackers can remotely execute arbitrary SQL commands to access or modify sensitive data.

🤖 AI Intelligence Analysis Analyzed: May 7, 2026 13:16

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

healthcare government

🎯 MITRE ATT&CK Techniques

T1190 T1110 T1021

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Immediately update Simple Laundry System to the latest patched version. Implement parameterized queries and prepared statements for all database operations. Apply input validation and sanitization on the userid parameter. Deploy Web Application Firewall (WAF) rules to detect and block SQL injection attempts. Conduct security code review of all user input handling.

🔧 خطوات المعالجة (العربية)

قم بتحديث نظام الغسيل البسيط إلى أحدث إصدار معدل فوراً. طبق الاستعلامات المعاملية والبيانات المحضرة لجميع عمليات قاعدة البيانات. طبق التحقق من صحة المدخلات وتنظيفها على معامل userid. نشر قواعد جدار حماية تطبيقات الويب لكشف ومنع هجمات حقن SQL. أجرِ مراجعة أمان شاملة لجميع معالجات المدخلات.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.10.1.1 A.12.2.1 A.14.2.1

🔵 SAMA CSF

ID.GV-1 PR.DS-6 PR.AC-1

🟡 ISO 27001:2022

A.12.2.1 A.14.2.1 A.13.1.1

🔗 References & Sources 5

🔗

https://code-projects.org/

cna@vuldb.com

🔗

https://github.com/lonelyuan/vunls/issues/1

cna@vuldb.com

🔗

https://vuldb.com/submit/788302

cna@vuldb.com

🔗

https://vuldb.com/vuln/356271

cna@vuldb.com

🔗

https://vuldb.com/vuln/356271/cti

cna@vuldb.com

📊 CVSS Score

7.3

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityL — Low / Local

📋 Quick Facts

Severity High

CVSS Score7.3

CWECWE-74

EPSS0.04%

Exploit No

Patch ✗ No

Published 2026-04-09

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-74

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2026-5824

💬 Comments

Introduce Yourself

Sign In Required