CVE-2026-6038 | code-projects Vehicle Showroom Management System 1.0 RegisterCustomerFunction.php BRANCH_ID sql injection

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability labeled as critical has been found in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function of the file /util/RegisterCustomerFunction.php. Such manipulation of the argument BRANCH_ID leads to sql injection.

This vulnerability is listed as CVE-2026-6038. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-6038 | code-projects Vehicle Showroom Management System 1.0 RegisterCustomerFunction.php BRANCH_ID sql injection

Post correlati

CVE-2024-24724 | Gibbon up to 26.0.00 Template messengerSettings.php injection

CVE-2025-4016 | 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160 LogController.java deleteIndex improper authorization

CVE-2025-47037 | Adobe Experience Manager up to 6.5.22 cross site scripting (apsb25-48)

CVE-2021-26102 | Fortinet FortiWAN up to 4.4.1/4.5.7 POST Request authentication bypass (FG-IR-21-048)