Which versions of Online Art Gallery Shop are affected by CVE-2026-9364?

CVE-2026-9364 is a high-severity SQL injection vulnerability in Online Art Gallery Shop 1.0 that allows unauthenticated attackers to compromise database integrity and extract sensitive data through…

Is there a public PoC exploit available for CVE-2026-9364?

Yes, a public proof-of-concept exploit is available for CVE-2026-9364. Prioritise patching immediately. EPSS: 0.0%.

Online Art Gallery Shop CVE-2026-9364

Q: What is the CVSS score of CVE-2026-9364?

CVE-2026-9364 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-31577 MEDIUM

SQL Injection (CWE-89)

2026-05-24 VulDB

GHSA-g656-j3x6-4jgg

PHP SQLi

5.5

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Severity Changed

May 26, 2026 - 19:37 NVD

HIGH MEDIUM

CVSS changed

May 26, 2026 - 19:37 NVD

7.3 (HIGH) 5.5 (MEDIUM)

Analysis Generated

May 24, 2026 - 08:45 vuln.today

DescriptionNVD

A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument social_linked can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.

AnalysisAI

SQL injection in Online Art Gallery Shop 1.0 allows unauthenticated remote attackers to manipulate database queries through the social_linked parameter in /admin/adminHome.php. The vulnerability has publicly available exploit code and a CVSS score of 7.3, indicating high severity with the ability to impact confidentiality, integrity, and availability of the application.

RemediationAI

Within 24 hours: Inventory all systems running Online Art Gallery Shop 1.0 and isolate affected instances from production networks if operationally feasible. Within 7 days: Implement network-level access controls restricting access to /admin/adminHome.php to authorized IP ranges only, and apply Web Application Firewall (WAF) rules to block SQL injection patterns in the social_linked parameter. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-9364 vulnerability details – vuln.today

Back

Online Art Gallery Shop CVE-2026-9364

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Online Art Gallery Shop CVE-2026-9364

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code