Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
CVE-2026-10178: Online Music Site 1.0: SQL Injection in Admin Panel
CVE-2026-10178
Summary
A security flaw in the admin panel of Online Music Site 1.0 allows attackers to inject malicious SQL code, potentially accessing sensitive data. This vulnerability is publicly known, so it's essential to update the software to a patched version to prevent exploitation. We recommend checking with the software provider for an update and applying it as soon as possible.
Original title
A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID r...
Original description
A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
5.5
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 31 May 2026 · Updated: 1 Jun 2026 · First seen: 31 May 2026