CVE-2026-7238 | code-projects Online Music Site 1.0 AdminUpdateAlbum.php txtimage unrestricted upload
A vulnerability has been found in code-projects Online Music Site 1.0 and classified as critical. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of the argument txtimage causes unrestricted upload.
This vulnerability is registered as CVE-2026-7238. Remote exploitation of the attack is possible. Furthermore, an exploit is available.