code-projects Simple ChatBox Endpoint insert.php sql injection_CVE-2026-6161

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

Basic Information

ID CVE-2026-6161

Source VulDB

Published Apr 13, 2026 at 04:45

Affected Product

Vendor code-projects

Product Simple ChatBox

Version 1.0

Affected Versions code-projects Simple ChatBox 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argument msg can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.",
    "published": "2026-04-13T04:45:13.164Z",
    "modified": "2026-04-13T04:45:13.164Z",
    "type": "cve",
    "title": "code-projects Simple ChatBox Endpoint insert.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/357041\nhttps://vuldb.com/vuln/357041/cti\nhttps://vuldb.com/submit/796697\nhttps://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/SQL%20Injection%20in%20Simple%20Chatbox%20PHP%20msg%20Parameter.md\nhttps://code-projects.org/",
    "id": "CVE-2026-6161",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "code-projects Simple ChatBox 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Simple ChatBox",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}