Medium severity6.3NVD Advisory· Published Apr 6, 2026· Updated Apr 29, 2026
CVE-2026-5639
CVE-2026-5639
Description
A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulation of the argument filename can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 2.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.