CVE-2026-37149
HIGHGROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 - SQL Injection via scost Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2026-37149. PoCs published by pateldhyeyit.
AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2026-37149, a SQL Injection vulnerability in GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0. It includes proof-of-concept payloads, technical details, and mitigation recommendations.
Description
GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0 was discovered to contain a SQL injection vulnerability in the scost parameter in /grocery/search_products.php. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.
Exploits (1)
This repository provides a detailed technical analysis of CVE-2026-37149, a SQL Injection vulnerability in GROCERY-STORE-MANAGEMENT-SYSTEM-USING-PHP-AND-MYSQL-PHPMYADMIN v1.0. It includes proof-of-concept payloads, technical details, and mitigation recommendations.
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N