CVE-2026-0591 | code-projects Online Product Reservation System 1.0 Cart Update /app/checkout/update.php id/qty sql injection

Inserito da Angelo Barbosa | Gen 4, 2026 | CVE

A vulnerability classified as critical was found in code-projects Online Product Reservation System 1.0. The impacted element is an unknown function of the file /app/checkout/update.php of the component Cart Update Handler. Such manipulation of the argument id/qty leads to sql injection.

This vulnerability is referenced as CVE-2026-0591. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-0591 | code-projects Online Product Reservation System 1.0 Cart Update /app/checkout/update.php id/qty sql injection

Post correlati

CVE-2024-36011 | Linux Kernel up to 6.6.30/6.8.9 Bluetooth hci_le_big_sync_established_evt null pointer dereference (1f7ebb69c1d6/9f3be61f55d4/d2706004a1b8)

CVE-2025-48742 | SIGB PMB prior 8.0.1.2 Installer missing authentication

CVE-2024-0347 | SourceCodester Engineers Online Portal 1.0 signup_teacher.php Password weak password

CVE-2024-51581 | NicheAddons Restaurant & Cafe Addon for Elementor Plugin up to 1.5.6 on WordPress cross site scripting