CVE-2026-0579 | code-projects Online Product Reservation System 1.0 POST Parameter edit.php prod_id/name/price/model/serial sql injection

Inserito da Angelo Barbosa | Gen 3, 2026 | CVE

A vulnerability was found in code-projects Online Product Reservation System 1.0 and classified as critical. This affects an unknown part of the file /handgunner-administrator/edit.php of the component POST Parameter Handler. The manipulation of the argument prod_id/name/price/model/serial results in sql injection.

This vulnerability is reported as CVE-2026-0579. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-0579 | code-projects Online Product Reservation System 1.0 POST Parameter edit.php prod_id/name/price/model/serial sql injection

Post correlati

CVE-2024-45474 | Siemens Tecnomatix Plant Simulation V2404 prior 2302.0016 WRL File memory corruption (ssa-583523)

CVE-2024-33680 | MainWP Child Reports Plugin up to 2.1.1 on WordPress cross-site request forgery

CVE-2025-49399 | Basix NEX-Forms Plugin up to 9.1.3 on WordPress cross-site request forgery

CVE-2025-10013 | Portabilis i-Educar up to 2.10 /exportacao-para-o-seb access control