CVE-2026-3759: projectworlds Online Art Gallery Shop adminHome.php sql injection
A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of the file /admin/adminHome.php. Such manipulation of the argument reach_nm leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2026-3759?
CVE-2026-3759 has a high severity rating due to its potential for SQL injection, allowing attackers to manipulate the database.
How do I fix CVE-2026-3759?
To fix CVE-2026-3759, validate and sanitize all input parameters, specifically the 'reach_nm' argument in the adminHome.php file.
What are the potential impacts of CVE-2026-3759?
The potential impacts of CVE-2026-3759 include unauthorized access to sensitive data, data manipulation, or complete system compromise.
Which version of the software is affected by CVE-2026-3759?
CVE-2026-3759 affects version 1.0 of the projectworlds Online Art Gallery Shop.
How can I determine if my installation is vulnerable to CVE-2026-3759?
You can determine if your installation is vulnerable to CVE-2026-3759 by checking for the presence of SQL injection flaws in the adminHome.php file.