CVE-2026-0576

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0

Description A flaw exists in code-projects Online Product Reservation System 1.0, specifically within the Parameter Handler component. Manipulation of the cat/price/name/model/serial argument in the file /handgunner-administrator/prod.php can lead to SQL injection. The attack can be initiated remotely. The exploit is publicly available.

Recommendations Versions prior to 1.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.