Skip to main content

Online Art Gallery Shop

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-3757 MEDIUM POC This Month

SQL injection in projectworlds Online Art Gallery Shop 1.0 allows unauthenticated remote attackers to manipulate the fnm parameter via the /?pass=1 endpoint, potentially enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.

SQLi Online Art Gallery Shop
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3757
EPSS 0% CVSS 5.5
MEDIUM POC This Month

SQL injection in projectworlds Online Art Gallery Shop 1.0 allows unauthenticated remote attackers to manipulate the fnm parameter via the /?pass=1 endpoint, potentially enabling unauthorized database access and modification. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected installations at immediate risk.

SQLi Online Art Gallery Shop
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy