A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpda…
Published:
11 January 2026 at 23:00:00
Alert date:
12 January 2026 at 02:00:56
Source:
nvd.nist.gov
Web Technologies
A SQL injection vulnerability has been discovered in code-projects Online Music Site version 1.0. The vulnerability affects the /Administrator/PHP/AdminUpdateUser.php file where manipulation of the ID argument leads to SQL injection. The attack can be executed remotely and exploits have been publicly released, making this an active threat. The vulnerability allows attackers to potentially access or manipulate database information through the compromised parameter.
Technical details
Mitigation steps:
Affected products:
code-projects Online Music Site 1.0
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-0852
https://code-projects.org/
https://github.com/Learner636/CVE-smbmit/issues/2
https://vuldb.com/?ctiid.340447
https://vuldb.com/?id.340447
https://vuldb.com/?submit.734136
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.