📄 Description (English)
A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
🤖 AI Executive Summary
CVE-2026-6167 is a critical SQL injection vulnerability in Faculty Management System 1.0 affecting the /subject-print.php endpoint through the ID parameter. With a CVSS score of 7.3 and public exploit availability, this poses an immediate threat to educational institutions and organizations using this system. No patch is currently available, requiring immediate compensating controls and system isolation.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: May 7, 2026 19:00
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi educational institutions (universities, colleges) and government education ministries using Faculty Management System 1.0. Secondary impact extends to government agencies managing educational data, healthcare institutions with faculty management modules, and any organization storing sensitive personnel or student information through this system. The SQL injection could lead to unauthorized access to student records, faculty credentials, grades, and institutional data—critical for compliance with NCA and SAMA requirements.
🏢 Affected Saudi Sectors
Education (Universities, Colleges, Ministry of Education)
Government (Administrative agencies using faculty systems)
Healthcare (Medical schools, hospital faculty management)
Research Institutions
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
8.2
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Isolate all Faculty Management System 1.0 instances from production networks or disable /subject-print.php endpoint immediately
2. Implement Web Application Firewall (WAF) rules to block requests containing SQL injection patterns to /subject-print.php (e.g., UNION, SELECT, OR 1=1)
3. Review access logs for the past 30 days for suspicious ID parameter values
4. Change all database credentials and service account passwords
COMPENSATING CONTROLS:
5. Implement input validation: whitelist only numeric values for ID parameter
6. Apply parameterized queries/prepared statements if source code access available
7. Enable database query logging and monitor for anomalous SQL patterns
8. Restrict database user permissions to minimum required (read-only where possible)
9. Implement network segmentation to limit lateral movement from compromised system
DETECTION RULES:
10. Monitor for HTTP requests to /subject-print.php with ID parameters containing: quotes, semicolons, SQL keywords (UNION, SELECT, DROP, INSERT, UPDATE, DELETE)
11. Alert on database connection attempts from unexpected service accounts
12. Track failed authentication attempts and privilege escalation attempts
13. Evaluate migration to patched alternative faculty management solution
14. Conduct forensic analysis if any suspicious activity detected
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. عزل جميع نسخ نظام إدارة الكليات الإصدار 1.0 عن شبكات الإنتاج أو تعطيل نقطة النهاية /subject-print.php فوراً
2. تطبيق قواعد جدار حماية تطبيقات الويب (WAF) لحجب الطلبات التي تحتوي على أنماط حقن SQL إلى /subject-print.php
3. مراجعة سجلات الوصول لآخر 30 يوماً للقيم المريبة في معامل ID
4. تغيير جميع بيانات اعتماد قاعدة البيانات وكلمات مرور حسابات الخدمة
الضوابط التعويضية:
5. تطبيق التحقق من صحة الإدخال: قائمة بيضاء للقيم الرقمية فقط لمعامل ID
6. تطبيق الاستعلامات المعاملة/البيانات المحضرة إذا كان الوصول إلى الكود المصدري متاحاً
7. تفعيل تسجيل استعلامات قاعدة البيانات ومراقبة الأنماط غير الطبيعية
8. تقييد أذونات مستخدم قاعدة البيانات للحد الأدنى المطلوب
9. تطبيق تقسيم الشبكة لتحديد الحركة الجانبية من النظام المخترق
قواعد الكشف:
10. مراقبة طلبات HTTP إلى /subject-print.php مع معاملات ID تحتوي على: علامات اقتباس، فواصل منقوطة، كلمات SQL
11. تنبيهات محاولات الاتصال بقاعدة البيانات من حسابات خدمة غير متوقعة
12. تتبع محاولات المصادقة الفاشلة ومحاولات تصعيد الامتيازات
13. تقييم الهجرة إلى حل بديل معدل لإدارة الكليات
14. إجراء تحليل جنائي إذا تم اكتشاف أي نشاط مريب
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
A.5.1.1 - Information Security Policies (data protection requirements)
A.5.2.1 - Access Control (unauthorized access prevention)
A.5.3.1 - Cryptography (data confidentiality)
A.5.4.1 - Physical and Environmental Security (system isolation)
A.5.5.1 - Operations Security (vulnerability management)
A.5.6.1 - Communications Security (secure data transmission)
🔵 SAMA CSF
ID.AM-2 - Asset Management (identify vulnerable systems)
PR.AC-1 - Access Control (prevent unauthorized access)
PR.DS-1 - Data Security (protect sensitive data)
DE.CM-1 - Detection and Analysis (monitor for attacks)
RS.RP-1 - Response Planning (incident response procedures)
🟡 ISO 27001:2022
A.5.1.1 - Information security policies
A.5.2.1 - User access management
A.5.3.1 - Cryptography
A.5.4.1 - Physical and environmental security
A.5.5.1 - Operations security
A.5.6.1 - Communications security
A.5.7.1 - System acquisition, development and maintenance
🟣 PCI DSS v4.0.1
Requirement 1 - Install and maintain firewall configuration
Requirement 2 - Do not use vendor-supplied defaults
Requirement 6 - Develop and maintain secure systems
Requirement 11 - Regularly test security systems