SQL Injection Vulnerability in SourceCodester's Online Attendance System
CVE-2026-37594

2.7LOW

Key Information:

Vendor: SourceCodester
Status: Online Employees Work From Home Attendance System
Vendor: CVE Published:; 14 April 2026

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2026-37594?

The SourceCodester Online Employees Work From Home Attendance System v1.0 has a vulnerability that allows attackers to execute arbitrary SQL code via crafted input in the view_employee.php file. This flaw could potentially lead to unauthorized access to sensitive data within the database, compromising both system integrity and confidentiality.

References

https://github.com/shininadd/cve_report/blob/main/sourcec...

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 14, 2026
Vulnerability Reserved
Apr 6, 2026

CVE-2026-37594 Data

JSON