CVE-2026-6149 | code-projects Vehicle Showroom Management System 1.0 BookVehicleFunction.php BRANCH_ID sql injection

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability classified as critical was found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation of the argument BRANCH_ID can lead to sql injection.

This vulnerability appears as CVE-2026-6149. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-6149 | code-projects Vehicle Showroom Management System 1.0 BookVehicleFunction.php BRANCH_ID sql injection

Post correlati

CVE-2025-10595 | SourceCodester Online Student File Management System 1.0 /admin/delete_user.php user_id sql injection

CVE-2025-0037 | AMD Platform Loader and Manager PLM Runtime Service input validation

CVE-2024-45039 | Consensys gnark up to 0.11.0 (GHSA-q3hw-3gm4-w5cr)

CVE-2023-43516 | Qualcomm WSA8835 Message memory corruption