CVE-2026-5666 PUBLISHED

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be performed from remote. The exploit is now public and may be used.

• AhmadMarzouk (VulDB User) reporter

• VDB-355489 | code-projects Online FIR System SQL Database Backup File complaints.sql sensitive information
• VDB-355489 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #786322 | code-projects Online FIR System In PHP 1.0 Information Disclosure
• https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/Sensitive%20Information%20Disclosure%20in%20Online%20FIR%20System%20PHP%20Exposed%20Database%20Backup.md
• https://code-projects.org/

• Insecure Storage of Sensitive Information CWE
• Information Disclosure CWE