Online Music Site

CVEs (16)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-2212	Yuji0903 Silver Guide	Hig	0.47	7.3	Feb 9, 2026	A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
CVE-2026-2211	Yuji0903 Silver Guide	Hig	0.47	7.3	Feb 9, 2026	A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-2133	Code Projects Online Music Site	Hig	0.47	7.3	Feb 8, 2026	A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-2132	Code Projects Online Music Site	Hig	0.47	7.3	Feb 8, 2026	A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
CVE-2026-1535	Yuji0903 Silver Guide	Hig	0.47	7.3	Jan 28, 2026	A security vulnerability has been detected in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Administrator/PHP/AdminReply.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
CVE-2026-1534	Yuji0903 Silver Guide	Hig	0.47	7.3	Jan 28, 2026	A weakness has been identified in code-projects Online Music Site 1.0. This affects an unknown function of the file /Administrator/PHP/AdminEditUser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-1443	Code Projects Online Music Site	Hig	0.47	7.3	Jan 26, 2026	A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.
CVE-2026-0852	Code Projects Online Music Site	Hig	0.47	7.3	Jan 12, 2026	A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpdateUser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
CVE-2026-0851	Code Projects Online Music Site	Hig	0.47	7.3	Jan 12, 2026	A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
CVE-2026-0607	Code Projects Online Music Site	Hig	0.47	7.3	Jan 6, 2026	A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminViewSongs.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.
CVE-2026-0606	Code Projects Online Music Site	Hig	0.47	7.3	Jan 5, 2026	A vulnerability was detected in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /FrontEnd/Albums.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
CVE-2026-0570	Code Projects Online Music Site	Hig	0.47	7.3	Jan 2, 2026	A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
CVE-2026-0569	Code Projects Online Music Site	Hig	0.47	7.3	Jan 2, 2026	A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown function of the file /Frontend/AlbumByCategory.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-0568	Code Projects Online Music Site	Hig	0.47	7.3	Jan 2, 2026	A flaw has been found in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Frontend/ViewSongs.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
CVE-2026-2213	Yuji0903 Silver Guide	Med	0.31	4.7	Feb 9, 2026	A security flaw has been discovered in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminAddAlbum.php. The manipulation of the argument txtimage results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.
CVE-2026-1533	Yuji0903 Silver Guide	Med	0.31	4.7	Jan 28, 2026	A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminAddCategory.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.

CVE-2026-2212HigFeb 9, 2026
Yuji0903
Silver Guide
risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in code-projects Online Music Site 1.0. Affected by this vulnerability is an unknown functionality of the file /Administrator/PHP/AdminEditCategory.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
CVE-2026-2211HigFeb 9, 2026
Yuji0903
Silver Guide
risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-2133HigFeb 8, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A weakness has been identified in code-projects Online Music Site 1.0. Impacted is an unknown function of the file /Administrator/PHP/AdminUpdateCategory.php. This manipulation of the argument txtimage causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-2132HigFeb 8, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Administrator/PHP/AdminUpdateCategory.php. The manipulation of the argument txtcat results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
CVE-2026-1535HigJan 28, 2026
Yuji0903
Silver Guide
risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Administrator/PHP/AdminReply.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
CVE-2026-1534HigJan 28, 2026
Yuji0903
Silver Guide
risk 0.47cvss 7.3epss 0.00
A weakness has been identified in code-projects Online Music Site 1.0. This affects an unknown function of the file /Administrator/PHP/AdminEditUser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-1443HigJan 26, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.
CVE-2026-0852HigJan 12, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminUpdateUser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
CVE-2026-0851HigJan 12, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an unknown function of the file /Administrator/PHP/AdminAddUser.php. The manipulation of the argument txtusername leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
CVE-2026-0607HigJan 6, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminViewSongs.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.
CVE-2026-0606HigJan 5, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A vulnerability was detected in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /FrontEnd/Albums.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
CVE-2026-0570HigJan 2, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing a manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
CVE-2026-0569HigJan 2, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown function of the file /Frontend/AlbumByCategory.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-0568HigJan 2, 2026
Code Projects
Online Music Site
risk 0.47cvss 7.3epss 0.00
A flaw has been found in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Frontend/ViewSongs.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
CVE-2026-2213MedFeb 9, 2026
Yuji0903
Silver Guide
risk 0.31cvss 4.7epss 0.00
A security flaw has been discovered in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminAddAlbum.php. The manipulation of the argument txtimage results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.
CVE-2026-1533MedJan 28, 2026
Yuji0903
Silver Guide
risk 0.31cvss 4.7epss 0.00
A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Administrator/PHP/AdminAddCategory.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.