ГлавнаяУязвимости → CVE-2026-0576
7.3высокая

CVE-2026-0576

Описание

A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.

Затрагиваемое ПО
Fabian Online product reservation system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://code-projects.org/https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_add_prod.php.mdhttps://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_add_prod.php.md#pochttps://vuldb.com/?ctiid.339460https://vuldb.com/?id.339460https://vuldb.com/?submit.731012