CVE-2026-10237

MEDIUM NVD

CVSS Score 4.7

Severity MEDIUM

Published Jun 01, 2026

Vendor unknown

Description

A vulnerability was found in SourceCodester Water Billing Management System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_user of the component User Management Module. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

References

https://github.com/renzortega1337/Security-Research-/blob/main/Authenticated%20SQL%20Injection%20in%20User%20Management.md
https://vuldb.com/cve/CVE-2026-10237
https://vuldb.com/submit/823145
https://vuldb.com/vuln/367516
https://vuldb.com/vuln/367516/cti