CVE-2026-4540 | projectworlds Online Notes Sharing System 1.0 Parameters /login.php User sql injection

Inserito da Angelo Barbosa | Mar 21, 2026 | CVE

A vulnerability was found in projectworlds Online Notes Sharing System 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php of the component Parameters Handler. The manipulation of the argument User results in sql injection.

This vulnerability is identified as CVE-2026-4540. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-4540 | projectworlds Online Notes Sharing System 1.0 Parameters /login.php User sql injection

Post correlati

CVE-2026-33013 | micronaut-projects micronaut-core up to 3.10.4/4.10.15 expandArrayToThreshold infinite loop (GHSA-43w5-mmxv-cpvh)

CVE-2023-5679 | ISC BIND DNS64 assertion

CVE-2025-58183 | Google Go up to 1.25.1 archive-tar allocation of resources

CVE-2025-14494 | RealDefense SUPERAntiSpyware Local Privilege Escalation (ZDI-25-1163)