Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
SourceCodester/jkev Record Management System: Unsecured Login Input
CVE-2026-5575
Summary
An attacker can inject malicious SQL code through the login form, potentially allowing unauthorized access to the system. This affects the SourceCodester/jkev Record Management System version 1.0. We recommend updating to a fixed version or patching the vulnerable code to prevent exploitation.
Original title
A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipu...
Original description
A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026