What is CVE-2026-9584?

CVE-2026-9584 is a high-severity vulnerability in Code-projects Project Management System, classified under Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection). CVSS score: 7.3/10. Published 2026-05-26.

How severe is CVE-2026-9584?

High severity. CVSS v3 base score is 7.3 out of 10.

SQL Injection in Code-projects Project Management System

CVE-2026-9584

A security vulnerability has been detected in code-projects Project Management System 1.0. Affected is an unknown function of the file chk.php of the component Login. The manipulation leads to sql injection. It is possible to initiate the…

EPSS: 0.000 (12.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Code-projects Project Management System — versions 1.0

Weakness classification (CWE)

References

cna@vuldb.com (vdb-entry)
cna@vuldb.com (signature, permissions-required)
cna@vuldb.com (third-party-advisory)
cna@vuldb.com (exploit)
cna@vuldb.com (product)

Frequently asked questions

What is CVE-2026-9584?: CVE-2026-9584 is a high-severity vulnerability in Code-projects Project Management System, classified under Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection). CVSS score: 7.3/10. Published 2026-05-26.
How severe is CVE-2026-9584?: High severity. CVSS v3 base score is 7.3 out of 10.