CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

Yangiliklar CVE Tracker Exploitlar Hujumlar Xarita

CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

O'zbek tilidagi kiberxavfsizlik portali. Yangiliklar, CVE tracker, hujumlar bazasi.

Yangiliklar

Barcha yangiliklar
Hujumlar
Zayifliklar
O'zbekiston
Jahon

Asboblar

CVE Tracker
Exploit DB
Hujumlar bazasi
Threat xarita

Loyiha

Biz haqimizda

© 2026 CyberNewsUz. Barcha huquqlar himoyalangan.

CVE Tracker ga qaytish

CVE-2026-6166

Yuqori(7.3)

Vehicle Showroom Management System 1.0 kod-loyihalarida xavfsizlik zaifligi aniqlandi. Bu muammo /util/UpdateVehicleFunction.php fayliga noma'lum ishlov berishga ta'sir qiladi. VEHICLE_ID argumentini manipulyatsiya qilish sql in'ektsiyasiga olib keladi. Hujum uzoqdan boshlanishi mumkin. Ekspluatatsiya ommaga oshkor qilingan va undan foydalanish mumkin.

Vendor

—

Product

—

CVSS Score

7.3

Nashr sanasi

13-apr, 2026

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Manbalar

https://code-projects.org/
https://github.com/wfcht-sy/src/issues/2
https://vuldb.com/submit/797097
https://vuldb.com/vuln/357054
https://vuldb.com/vuln/357054/cti

CVE-2026-6166 | CyberNewsUz | CyberNewsUz