CVE-2026-10178

Description

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.

References

• https://code-projects.org/
• https://github.com/gtxy114514/CVE/issues/7
• https://vuldb.com/cve/CVE-2026-10178
• https://vuldb.com/submit/819912
• https://vuldb.com/vuln/367459