CVE-2026-0576 | code-projects Online Product Reservation System 1.0 Parameter prod.php cat/price/name/model/serial sql injection

Inserito da Angelo Barbosa | Gen 3, 2026 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing manipulation of the argument cat/price/name/model/serial results in sql injection.

This vulnerability is cataloged as CVE-2026-0576. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-0576 | code-projects Online Product Reservation System 1.0 Parameter prod.php cat/price/name/model/serial sql injection

Post correlati

CVE-2022-50281 | Linux Kernel up to 5.10.149/5.15.74/5.19.16/6.0.2 SGI-IP27 bridge_platform_create memory leak

CVE-2025-4272 | Mechrevo Control Console 1.0.2.70 GCUService csCAPI.dll uncontrolled search path

CVE-2025-23899 | BnB Select Bookalet Plugin up to 1.0.3 on WordPress cross site scripting

CVE-2024-35085 | J2EEFAST 2.7.0 ProcessDefinitionMapper.xml findPage sql injection