CVE-2026-0546

CVE Database · CVE-2026-0546

CVE-2026-0546

· HIGHAnalyzed

CVSS v3.1

7.3

CVSS v4.0

5.5

EPSS

0.41%

Published

Jan 2, 2026

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability was determined in code-projects Content Management System 1.0. This impacts an unknown function of the file search.php. This manipulation of the argument Value causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Weaknesses (CWE)

CWE-74CWE-89CWE-89

Affected Products (1)

code-projects · content_management_systemvulnerable

References (5)

https://code-projects.org/

Product

https://github.com/gtxy114514/CVE/issues/1

ExploitIssue TrackingThird Party Advisory

https://vuldb.com/?ctiid.339338

Permissions RequiredVDB Entry

https://vuldb.com/?id.339338

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.728924

Third Party AdvisoryVDB Entry

KEV Catalog EPSS Scores Vendors All CVEs