top of page
perceptive_background_267k.jpg

A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.p…

Published:

11 January 2026 at 23:00:00

Alert date:

12 January 2026 at 01:00:56

Source:

nvd.nist.gov

Click to open the original link from this advisory

CVE-2026-0851 identifies a SQL injection vulnerability in code-projects Online Music Site 1.0. The vulnerability affects the AdminAddUser.php file where manipulation of the txtusername parameter leads to SQL injection. The attack can be exploited remotely and the exploit is publicly available, making it a significant security risk for affected installations.

Technical details

Mitigation steps:

Affected products:

code-projects Online Music Site 1.0

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-0851
https://code-projects.org/
https://github.com/tuo159515/sql-injection/issues/2
https://vuldb.com/?ctiid.340446
https://vuldb.com/?id.340446
https://vuldb.com/?submit.733644

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page