CVE-2026-5368 | projectworlds Car Rental Project 1.0 Parameter /login.php uname sql injection

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability classified as critical has been found in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the argument uname causes sql injection.

This vulnerability is registered as CVE-2026-5368. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-5368 | projectworlds Car Rental Project 1.0 Parameter /login.php uname sql injection

Post correlati

CVE-2023-4552 | OpenText AppBuilder up to 23.1 System Files access control

CVE-2024-29822 | Ivanti Endpoint Manager RecordGoodApp sql injection

CVE-2025-27802 | Optimizely Episerver Content Management System up to 11.21.3/12.22.0 cross site scripting

CVE-2024-38878 | Siemens Omnivise T3000 Application Server API Endpoint path traversal (ssa-857368)