CVE-2026-6151 | code-projects Vehicle Showroom Management System 1.0 PaymentStatusFunction.php CUSTOMER_ID sql injection

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability, which was classified as critical, was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMER_ID results in sql injection.

This vulnerability is known as CVE-2026-6151. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-6151 | code-projects Vehicle Showroom Management System 1.0 PaymentStatusFunction.php CUSTOMER_ID sql injection

Post correlati

CVE-2024-21900 | QNAP QTS/QuTS hero/QuTScloud injection (qsa-24-09)

CVE-2024-5198 | OpenVPN ovpn-dco/GUI on Windows null pointer dereference

CVE-2024-2457 | Modal Window Plugin up to 5.3.8 on WordPress Shortcode cross site scripting

CVE-2024-7666 | SourceCodester Car Driving School Management System 1.0 view_package.php id sql injection