External risk intelligence

Guardian Language System Unauthenticated SQL Injection in job_info.php

CVE advisorySeverity: CRITICAL (CVSS 9.3)

CVE-2026-34099

The vulnerability resides in a PHP script (job_info.php) accessible via a GET parameter without authentication. As a web-based script designed to handle job information, it is typically deployed as part of a web application interface, making it likely to be reachable from the internet if the host application is exposed to the web.

SQL Injection

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability involves a security flaw in a language system that could allow an attacker to access sensitive database information without needing a password. The issue stems from how specific data is handled within the system's job information processing.

  • Unauthenticated access to sensitive database information.
  • Matters due to potential data breaches and system compromise.
  • Focus on confirming relevance and exposure of this system.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can exploit this vulnerability by sending a crafted request to the `job_info.php` script. By manipulating the `id` GET parameter, the attacker can inject malicious SQL code, allowing them to access sensitive database information.

  • No authentication required.
  • Malicious SQL code via `id` parameter.
  • Unauthorized access to database contents.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow an unauthenticated attacker to inject SQL commands into the `job_info.php` script. When this script processes the `id` parameter, it directly includes it in a database query without sanitization. This could lead to the extraction of sensitive information from the database.

  • Database contents and schema.
  • SQL injection via unsanitized parameter.
  • Disclosure of sensitive database information.

Operational Fix

Recommended remediation, mitigation, and detection steps

This unauthenticated SQL injection vulnerability in the Guardian language-system's `job_info.php` script requires immediate attention from teams responsible for web applications and database security. The first practical move is to identify all instances of the Guardian language-system, confirm their external reachability and business criticality, and then pinpoint the accountable owner for remediation planning.

  • Identify system owners and scope.
  • Verify external exposure and business impact.
  • Plan and execute risk-based remediation.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is the Guardian language-system?

Guardian is a software suite used for language processing and translation tasks. It includes web-based components, like the job_info.php script, designed to manage and retrieve information about translation or linguistic processing jobs. Organizations typically deploy these components to provide an interface for users to submit, track, or review the status of language-related workloads stored within the system's backend database.

How does CVE-2026-34099 trigger a SQL injection?

This vulnerability is classified as Improper Neutralization of Special Elements used in an SQL Command (CWE-89). It occurs because the system takes input from the 'id' parameter in a web request and inserts it directly into a database query string without any cleaning. Because the application fails to distinguish between the intended data and malicious commands, an attacker can manipulate the query logic to trick the database into revealing unauthorized information.

Do I need to be logged in to trigger this bug?

No. This vulnerability does not require authentication. An attacker can interact with the affected script directly by sending a specially crafted web request to the server. The bug is triggered specifically by manipulating the 'id' GET parameter; sending requests that do not involve this parameter or interacting with other parts of the application that properly sanitize input will not trigger this specific vulnerability.

Is my system at risk according to Halo Surface Signal?

Halo Surface Signal identifies this as a likely risk because the vulnerable job_info.php script is designed for web access and does not require a login. If your Guardian installation is hosted on a web server reachable from the internet, the interface is exposed to unauthorized requests. Systems restricted to internal, private networks face a lower profile, but they remain vulnerable if an attacker gains access to your internal environment.

When should I take action for this vulnerability?

You should prioritize this immediately. Start by creating an inventory of all servers running the Guardian language-system to determine where this software exists in your environment. Confirm which of these instances are accessible over the network, especially those facing the internet, and coordinate with the system owners to prepare for security updates or configuration changes to isolate the vulnerable script until a permanent fix is applied.

References