CVE-2026-8098

CVE Database · CVE-2026-8098

CVE-2026-8098

· HIGHDeferred

CVSS v3.1

7.3

CVSS v4.0

5.5

EPSS

0.25%

Published

May 7, 2026

Modified

May 11, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Weaknesses (CWE)

CWE-74CWE-89

References (5)

https://code-projects.org/

https://github.com/redshadowword-cell/CVE/issues/3

https://vuldb.com/submit/808126

https://vuldb.com/vuln/361851

https://vuldb.com/vuln/361851/cti

KEV Catalog EPSS Scores Vendors All CVEs