CVE-2026-10874

MEDIUM NVD

CVSS Score 6.3

Severity MEDIUM

Published Jun 04, 2026

Vendor unknown

Description

A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manipulation of the argument social_insta leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.

References

https://github.com/shq3526/cve/issues/9
https://vuldb.com/cve/CVE-2026-10874
https://vuldb.com/submit/831868
https://vuldb.com/vuln/368364
https://vuldb.com/vuln/368364/cti