CVE-2026-6161: Simple ChatBox SQLi — High Severity, Public Exploit

The National Vulnerability Database (NVD) has logged CVE-2026-6161, a high-severity SQL injection vulnerability in Code-Projects’ Simple ChatBox, affecting versions up to 1.0. The flaw, rated 7.3 on the CVSS scale, resides in an unspecified part of the /chatbox/insert.php file and is tied to the ‘Endpoint’ component.

An attacker can trigger this vulnerability by manipulating the msg argument, leading to SQL injection. What makes it particularly nasty is that it is remotely exploitable and a public exploit has already been disclosed, which significantly lowers the bar for threat actors looking to leverage the weakness and makes it a critical concern for anyone still running this chatbox. The NVD classifies it under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Different Context) and CWE-89 (Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)), highlighting a fundamental failure to neutralize untrusted input before it reaches the SQL query.
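Added here as a defender's example (not code from the advisory or from the Simple ChatBox project): a small Python scanner that reads web-server access-log lines and alerts on requests to /chatbox/insert.php whose msg argument carries SQL syntax rather than chat text. It assumes msg arrives in the query string and that the log is in Combined Log Format; the sample log lines are constructed. If the application sends msg in a POST body, the same checks apply to the decoded body field a WAF or application log exposes.

```python
import re
from urllib.parse import urlsplit, parse_qs
VULN_PATH = "/chatbox/insert.php"   # vulnerable file named in the advisory
VULN_PARAM = "msg"                  # injectable argument named in the advisory

# Combined Log Format request line (assumed log layout, not from the advisory)
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def extract_msg(target):
    """Return the decoded msg value if the request targets the vulnerable endpoint, else None."""
    parts = urlsplit(target)
    if parts.path != VULN_PATH:
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM)
    return values[0] if values else None

def sqli_indicators(value):
    """Independent signals that a chat message carries SQL syntax instead of plain text."""
    found = []
    if "'" in value or '"' in value:
        found.append("quote")
    if re.search(r"--|/\*|#", value):
        found.append("comment")
    if re.search(r"\b(union\s+select|or\s+\d+\s*=\s*\d+|sleep\s*\(|benchmark\s*\()", value, re.I):
        found.append("keyword")
    return found

def scan_log(lines):
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        msg = extract_msg(m["target"])
        if msg is None:
            continue
        found = sqli_indicators(msg)
        # A lone apostrophe ("don't") is normal chat text; require a keyword or two signals.
        if "keyword" in found or len(found) >= 2:
            alerts.append({"src_ip": m["ip"], "ts": m["ts"], "msg": msg, "indicators": found})
    return alerts

# Constructed sample log: benign message, benign message with an apostrophe, injection attempt, other path
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2026:09:14:01 +0000] "GET /chatbox/insert.php?name=bob&msg=hello+there HTTP/1.1" 200 51',
    '203.0.113.7 - - [10/Mar/2026:09:14:09 +0000] "GET /chatbox/insert.php?name=bob&msg=don%27t+forget HTTP/1.1" 200 51',
    '198.51.100.23 - - [10/Mar/2026:09:15:30 +0000] "GET /chatbox/insert.php?name=x&msg=a%27+OR+1%3D1--+ HTTP/1.1" 200 51',
    '198.51.100.23 - - [10/Mar/2026:09:15:31 +0000] "GET /chatbox/index.php?msg=%27 HTTP/1.1" 200 51',
]
```

Running scan_log(SAMPLE_LOG) yields a single alert for the third line; the second line is not flagged because an apostrophe alone is expected in chat text.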

Related ATT&CK Techniques

T1190 (Initial Access), severity high

Detection Rules

6 auto-generated detection rules for this incident, mapped to MITRE ATT&CK, available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene and QRadar AQL. Rule shown: Web Application Exploitation Attempt — CVE-2026-6161.


Indicators of Compromise

ID             Type  Indicator
-------------  ----  --------------------------------------
CVE-2026-6161  SQLi  code-projects Simple ChatBox up to 1.0
CVE-2026-6161  SQLi  Vulnerable file: /chatbox/insert.php
CVE-2026-6161  SQLi  Vulnerable component: Endpoint
CVE-2026-6161  SQLi  Vulnerable argument: msg
