2 matches found
CVE-2026-6037
CVE-2026-6037 affects Code-Projects’ Vehicle Showroom Management System 1.0. The vulnerability is in the /util/AddVehicleFunction.php function where manipulation of BRANCH_ID enables SQL injection. Exploitation is remote and a public exploit has been disclosed. No remediation details are provided...
CVE-2026-6034
The CVE-2026-6034 entry concerns code-projects Vehicle Showroom Management System 1.0. The vulnerability affects the file /BranchManagement/ProfitAndLossReport.php where manipulating the BRANCH_ID parameter enables cross-site scripting. The description indicates a remote attack is possible and th...