CVE-2026-7238

CVSS v2.0

5.8

Medium

AV:N/AC:L/Au:M/C:P/I:P/A:P

A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of the argument txtimage causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used.

Exploit

Fix

Unrestricted File Upload

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434CWE-284

Related Identifiers

CVE-2026-7238

Affected Products

Online Music Site

CVE-2026-7238

Weakness Enumeration

Related Identifiers

Affected Products

References · 6