| Title | projectworlds Online Art Gallery Shop Project V1.0 SQL Injection |
|---|
| Description | A SQL injection vulnerability was found in the ' /?pass=1 ' file of the 'Online Art Gallery Shop Project'. The reason for this issue is that attackers inject malicious code from the parameter ' fnm‘ and use it directly in SQL queries without the need for appropriate cleaning or validation. This allows attackers to forge input values, thereby manipulating SQL queries and performing unauthorized operations. |
|---|
| Source | ⚠️ https://github.com/hmKunlun/projectworldcve/issues/1 |
|---|
| User | kunlun (UID 95866) |
|---|
| Submission | 02/26/2026 08:29 (1 month ago) |
|---|
| Moderation | 03/07/2026 21:34 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 349735 [projectworlds Online Art Gallery Shop 1.0 /?pass=1 fnm sql injection] |
|---|
| Points | 20 |
|---|