CVE-2026-8098: SQL Injection in code-projects Feedback System 1.0
The National Vulnerability Database has disclosed CVE-2026-8098, a high-severity SQL injection vulnerability impacting code-projects Feedback System 1.0. Specifically, an unknown function within the /admin/checklogin.php file is susceptible to manipulation via the email argument, leading to arbitrary SQL execution.
This vulnerability carries a CVSSv3.1 score of 7.3 (High), indicating a significant risk. Crucially, it’s remotely exploitable, requiring no authentication, and a public exploit has already been disclosed. This means attackers don’t need to be on the local network and proof-of-concept code is likely readily available, accelerating exploitation.
For defenders, this is a critical remote code execution vector if the application is internet-facing. SQL injection can lead to full database compromise, data exfiltration, and potentially even system-level access. Given the public exploit, patching or mitigation should be a top priority for any organization running this specific feedback system.
What This Means For You
- If your organization uses code-projects Feedback System 1.0, you are directly exposed to CVE-2026-8098. Immediately identify all instances of this system and prioritize patching or isolating them. Assume compromise if you cannot confirm a patch, and audit logs for unusual database activity or unauthorized access attempts.
Related ATT&CK Techniques
🛡️ Detection Rules
3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK.
CVE-2026-8098: SQL Injection in code-projects Feedback System checklogin.php
```yaml
title: 'CVE-2026-8098: SQL Injection in code-projects Feedback System checklogin.php'
id: scw-2026-05-07-ai-1
status: experimental
level: critical
description: |
    Detects attempts to exploit CVE-2026-8098 by targeting the /admin/checklogin.php script with SQL injection payloads. The rule specifically looks for the 'email' parameter in the query string and common SQL injection keywords and syntax patterns that indicate an attempt to manipulate the database.
author: SCW Feed Engine (AI-generated)
date: 2026-05-07
references:
    - https://shimiscyberworld.com/posts/nvd-CVE-2026-8098/
tags:
    - attack.initial_access
    - attack.t1190
logsource:
    category: webserver
detection:
    # Request must target the vulnerable script
    selection_uri:
        cs-uri|contains: '/admin/checklogin.php'
    # ... and carry the vulnerable parameter in the query string
    selection_param:
        cs-uri-query|contains: 'email='
    # ... and contain at least one of these SQL keywords or comment markers
    selection_sqli:
        cs-uri-query|contains:
            - ' OR '
            - ' = '
            - ' UNION '
            - ' SELECT '
            - ' FROM '
            - ' --'
            - ' #'
    # The condition references the selection names, not the field names
    condition: selection_uri and selection_param and selection_sqli
falsepositives:
    - Legitimate administrative activity
```
Source: Shimi's Cyber World · License & reuse
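Raw access logs record the query string percent-encoded, so the rule's space-delimited keywords only match once the value is decoded, and a POST body is not logged at all. The following added example (not part of the original rule or of the project's code) applies the rule's keyword list to the decoded `email` value; the combined log format, the constructed sample lines and the function names are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/admin/checklogin.php"
# Keyword list from the rule above, lower-cased for case-insensitive matching.
SQLI_TOKENS = [" or ", " = ", " union ", " select ", " from ", " --", " #"]
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [07/May/2026:10:00:01 +0000] "GET /admin/checklogin.php?email=admin%40example.com HTTP/1.1" 200 512',
    '198.51.100.7 - - [07/May/2026:10:00:02 +0000] "GET /admin/checklogin.php?email=a%27%20OR%20%271%27%20%3D%20%271 HTTP/1.1" 200 512',
    '198.51.100.7 - - [07/May/2026:10:00:03 +0000] "GET /admin/checklogin.php?email=x%27+UNION+SELECT+1+FROM+t+--+ HTTP/1.1" 500 0',
    '198.51.100.7 - - [07/May/2026:10:00:04 +0000] "POST /admin/checklogin.php HTTP/1.1" 302 0',
    '203.0.113.9 - - [07/May/2026:10:00:05 +0000] "GET /search.php?email=a%20OR%20b HTTP/1.1" 200 90',
]

def target_query(line):
    """Return the raw query string if the line requests TARGET_PATH, else None."""
    m = REQUEST_RE.search(line)
    if m is None:
        return None
    parts = urlsplit(m.group("target"))
    return parts.query if parts.path.lower().endswith(TARGET_PATH) else None

def literal_hits(line):
    """Tokens found in the still-encoded query (what a plain 'contains' sees)."""
    query = target_query(line) or ""
    return [t for t in SQLI_TOKENS if t in query.lower()]

def decoded_hits(line):
    """Tokens found in the URL-decoded value(s) of the email parameter."""
    query = target_query(line) or ""
    values = parse_qs(query, keep_blank_values=True).get("email", [])
    text = "\n".join(values).lower()
    return [t for t in SQLI_TOKENS if t in text]

def scan(lines):
    """Return {line_number: tokens} for lines whose decoded email value matches."""
    return {i: h for i, line in enumerate(lines, 1) if (h := decoded_hits(line))}

if __name__ == "__main__":
    for number, tokens in scan(SAMPLE_LOG).items():
        literal = bool(literal_hits(SAMPLE_LOG[number - 1]))
        print(f"line {number}: {tokens} (literal match without decoding: {literal})")
```

The POST line is never flagged because the access log holds no body; covering that path needs request-body logging at the application or a WAF.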
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-8098 | SQLi | code-projects Feedback System 1.0 |
| CVE-2026-8098 | SQLi | Vulnerable file: /admin/checklogin.php |
| CVE-2026-8098 | SQLi | Vulnerable argument: email |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 08, 2026 at 00:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.