VYPR

Online Art Gallery Shop

by Projectworlds

CVEs (8)

  • CVE-2026-9364HigMay 24, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument social_linked can lead to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2026-3759HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of the file /admin/adminHome.php. Such manipulation of the argument reach_nm leads to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2026-3758HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown functionality of the file /admin/adminHome.php. This manipulation of the argument Info causes sql injection. Remote exploitation of the attack is possible. The…

  • CVE-2026-3757HigMar 8, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /?pass=1. The manipulation of the argument fnm results in sql injection. The attack may be launched remotely. The exploit has…

  • CVE-2026-3406HigMar 2, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to…

  • CVE-2026-10875MedJun 4, 2026
    risk 0.41cvss 6.3epss 0.00

    A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The manipulation of the argument social_twitter results in sql injection. The attack may be launched remotely.…

  • CVE-2026-10874MedJun 4, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manipulation of the argument social_insta leads to sql injection. The attack may be initiated remotely. The…

  • CVE-2023-37152Jul 10, 2023
    risk 0.00cvss epss 0.02

    Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Note: This has been disputed as not a valid vulnerability.