CVE-2026-6037 | code-projects Vehicle Showroom Management System 1.0 AddVehicleFunction.php BRANCH_ID sql injection

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability identified as critical has been detected in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BRANCH_ID causes sql injection.

This vulnerability is tracked as CVE-2026-6037. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-6037 | code-projects Vehicle Showroom Management System 1.0 AddVehicleFunction.php BRANCH_ID sql injection

Post correlati

CVE-2025-20665 | MediaTek MT8893 devinfo file information disclosure (MSV-2760 / ALPS09555228)

CVE-2024-9697 | Social Rocket Plugin up to 1.3.4 on WordPress Setting authorization

CVE-2023-51838 | Ylianst MeshCentral 1.1.16 risky encryption

CVE-2025-4454 | D-Link DIR-619L 2.04B04 wake_on_lan mac command injection