CVE-2026-0606 code-projects Online Music Site Albums.php sql injection

A vulnerability was detected in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /FrontEnd/Albums.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now...

CVE-2026-0606

CVE-2026-0606 affects code-projects Online Music Site 1.0. The vulnerability exists in the /FrontEnd/Albums.php file where manipulating the ID argument triggers an SQL injection. The issue can be exploited remotely and public PoC/exploit are noted in multiple feeds, indicating active public expos...

CVE-2026-0605

A security vulnerability has been detected in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Such manipulation of the argument username/password leads to sql injection. The attack may be performed from remote. The exploit ha...

CVE-2026-0605

A security vulnerability has been detected in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Such manipulation of the argument username/password leads to sql injection. The attack may be performed from remote. The exploit ha...

CVE-2026-0605 code-projects Online Music Site login.php sql injection

A security vulnerability has been detected in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Such manipulation of the argument username/password leads to sql injection. The attack may be performed from remote. The exploit ha...

CVE-2026-0605 code-projects Online Music Site login.php sql injection

A security vulnerability has been detected in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Such manipulation of the argument username/password leads to sql injection. The attack may be performed from remote. The exploit ha...

CVE-2026-0605

The CVE-2026-0605 entry concerns code-projects Online Music Site 1.0, specifically a SQL injection in the /login.php handler caused by improper handling/manipulation of the username and password parameters. All connected documents consistently indicate the flaw is exploitable remotely and that th...

CVE-2026-0592

CVE-2026-0592 affects code-projects Online Product Reservation System 1.0, specifically the User Registration Handler’s register_code.php. The vulnerability is a SQL injection caused by manipulating input fields (fname, lname, address, city, province, country, zip, tel_no, email, username) in the...

CVE-2026-0592 code-projects Online Product Reservation System User Registration register_code.php sql injection

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This affects an unknown function of the file /handgunner-administrator/registercode.php of the component User Registration Handler. Performing a manipulation of the argument...

CVE-2026-0592 code-projects Online Product Reservation System User Registration register_code.php sql injection

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This affects an unknown function of the file /handgunner-administrator/registercode.php of the component User Registration Handler. Performing a manipulation of the argument...

CVE-2026-0589

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

CVE-2026-0591

Code-projects Online Product Reservation System 1.0 contains a SQL injection vulnerability in the Cart Update Handler, specifically in the /app/checkout/update.php file’s unknown function. Manipulating the id/qty parameter can trigger the injection, enabling remote exploitation. Public exploit/Po...

CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

CVE-2026-0591 code-projects Online Product Reservation System Cart Update update.php sql injection

A vulnerability was identified in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection. It is possible to launch t...

CVE-2026-0590 code-projects Online Product Reservation System POST Parameter delete.php sql injection

A vulnerability was determined in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file /app/checkout/delete.php of the component POST Parameter Handler. This manipulation of the argument ID causes sql injection. It is possible to initiate th...

CVE-2026-0590 code-projects Online Product Reservation System POST Parameter delete.php sql injection

A vulnerability was determined in code-projects Online Product Reservation System 1.0. The affected element is an unknown function of the file /app/checkout/delete.php of the component POST Parameter Handler. This manipulation of the argument ID causes sql injection. It is possible to initiate th...

CVE-2026-0590

Code-projects Online Product Reservation System 1.0 is affected in /app/checkout/delete.php where the POST Parameter Handler manipulates the ID argument, causing SQL injection. The vulnerability is exploitable remotely and exploits have been publicly disclosed. Remediation guidance from connected...

CVE-2026-0589

The CVE-2026-0589 entry concerns code-projects Online Product Reservation System 1.0, specifically the Administration Backend. The documented issue is improper authentication within an unknown function of the Admin Backend that can be triggered remotely. Public exploit information exists, with ex...

CVE-2026-0589 code-projects Online Product Reservation System Administration Backend improper authentication

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...

CVE-2026-0589 code-projects Online Product Reservation System Administration Backend improper authentication

A vulnerability was found in code-projects Online Product Reservation System 1.0. Impacted is an unknown function of the component Administration Backend. The manipulation results in improper authentication. The attack may be performed from remote. The exploit has been made public and could be us...