NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-39110

Summary	SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the contactno parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries during authentication and retrieve sensitive database contents.
Publication Date	April 21, 2026, 3:16 a.m.
Registration Date	April 21, 2026, 4:09 a.m.
Last Update	April 21, 2026, 3:51 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/efekaanakkar/Apartment-Visitors-Management-System-CVEs/	cve@mitre.org
2	https://phpgurukul.com/?sdm_process_download=1&download_id=21524	cve@mitre.org
3	https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/	cve@mitre.org

Common Vulnerabilities List