CVE-2026-3406 | projectworlds Online Art Gallery Shop 1.0 Registration /admin/registration.php fname sql injection

Inserito da Angelo Barbosa | Mar 1, 2026 | CVE

A vulnerability categorized as critical has been discovered in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection.

This vulnerability is known as CVE-2026-3406. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-3406 | projectworlds Online Art Gallery Shop 1.0 Registration /admin/registration.php fname sql injection

Post correlati

CVE-2025-15212 | code-projects Refugee Food Management System 1.0 /home/regfood.php a sql injection

CVE-2025-62483 | Zoom Workplace 6.5.0 information disclosure

CVE-2024-4634 | Elementor Header & Footer Builder Plugin up to 1.6.28 on WordPress cross site scripting

CVE-2024-37471 | WofficeIO Woffice Core Plugin up to 5.4.8 on WordPress cross site scripting