SQL Injection Vulnerability in SourceCodester Payroll Management System by SourceCodester
CVE-2026-37347

9.1CRITICAL

Key Information:

Vendor: SourceCodester
Status: Payroll Management and Information System
Vendor: CVE Published:; 16 April 2026

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2026-37347?

The Payroll Management and Information System v1.0 by SourceCodester is susceptible to an SQL Injection attack specifically located in the '/payroll/view_employee.php' file. This vulnerability can allow attackers to manipulate database queries, potentially leading to unauthorized data access and compromise of sensitive information. It is crucial for users of this software to implement security measures to mitigate these risks and ensure the integrity of their data.

References

https://github.com/mt-0505/cve-report/blob/main/sourcecod...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2026
Vulnerability Reserved
Apr 6, 2026

CVE-2026-37347 Data

JSON