VYPR
Medium severity6.3NVD Advisory· Published May 31, 2026· Updated Jun 1, 2026

CVE-2026-10170

CVE-2026-10170

Description

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone_0.php. This manipulation of the argument phone causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

4

News mentions

2