CVE-2026-5641 | PHPGurukul Online Shopping Portal Project 2.1 Parameter /admin/update-image1.php filename sql injection

Inserito da Angelo Barbosa | Apr 5, 2026 | CVE

A vulnerability labeled as critical has been found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The manipulation of the argument filename results in sql injection.

This vulnerability was named CVE-2026-5641. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-5641 | PHPGurukul Online Shopping Portal Project 2.1 Parameter /admin/update-image1.php filename sql injection

Post correlati

CVE-2025-65405 | Live555 Streaming Media 2018.09.02 AAC File Parser samplingFrequency use after free

CVE-2025-10622 | Foreman Transpiler Command ct_location/fcct_location os command injection

CVE-2024-6496 | Light Poll Plugin up to 1.0.0 on WordPress cross-site request forgery

CVE-2024-30306 | Adobe Acrobat Reader up to 20.005.30539/23.008.20470 File out-of-bounds (apsb24-07)