CVE-2026-3759

Medium CVSS: 6.9

A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of the file /admin/adminHome.php. Such manipulation of the argument reach_nm leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Vendor

Projectworlds

Product

Online Art Gallery Shop

CWE

CWE-74

Yayın Tarihi

2026-03-08 19:16:00

Güncelleme

2026-03-09 16:31:21

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Online Art Gallery Shop MEDIUM Projectworlds 2026

Referanslar

https://github.com/hmKunlun/projectworldcve/issues/3 https://vuldb.com/?ctiid.349737 https://vuldb.com/?id.349737 https://vuldb.com/?submit.768059

Benzer Kayıtlar

Medium

CVE-2026-3757

A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an u…

Medium

CVE-2026-3758

A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown func…

Medium

CVE-2026-3406

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of t…

High

CVE-2025-70147

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 all…

Critical

CVE-2025-70146

Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Genera…

Medium

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /vi…