Vulnerabilities

CVE-2026-39110

by Fred · 20/04/2026

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database contents.

More information : https://github.com/efekaanakkar/Apartment-Visitors-Management-System-CVEs/

Similar

Tags: Cybersecurity Alert