CVE-2026-11490 PUBLISHED

A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

• lixiaobailrl (VulDB User) reporter

• VDB-369110 | code-projects Online Music Site Search.php sql injection
• VDB-369110 | CTI Indicators (IOB, IOC, TTP, IOA)
• CVE-2026-11490 | CVE Analysis and Report
• Submit #836666 | code-projects ONLINE MUSIC SITE V1.0 Code-projects ONLINE MUSIC SITE V1.0 Search.php SQL injection
• https://github.com/xiaobbai/CVE1/issues/1
• https://code-projects.org/

• SQL Injection CWE
• Injection CWE