Listen to this Post
The vulnerability CVE-2026-3757 resides in the projectworlds Online Art Gallery Shop version 1.0, specifically within an unknown functionality of the file /?pass=1. The manipulation of the argument `fnm` allows for SQL injection. The attack vector is remote, requiring no authentication or user interaction. The vulnerability exists because the application fails to properly sanitize user-supplied input before incorporating it into an SQL query. When an attacker sends a crafted payload via the `fnm` parameter, the backend database executes unintended SQL commands. This can lead to unauthorized disclosure of database contents, modification of data, or potential escalation of privileges within the application context. The exploit has been released publicly, increasing the risk of widespread automated attacks. According to the CVSS 4.0 vector (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P), the vulnerability has a base score of 6.9 (Medium). This indicates low impact on confidentiality, integrity, and availability, but the ease of exploitation and network attack surface make it a significant concern .
dailycve form:
Platform: projectworlds
Version: 1.0
Vulnerability : SQL Injection
Severity: MEDIUM
date: 03/08/2026
Prediction: 30 days
What Undercode Say:
Analytics
The vulnerability is remotely exploitable with low complexity. The EPSS score is not yet available, but the public exploit release indicates a high probability of active scanning. Multiple other SQL injection vulnerabilities have been found in the same application (e.g., CVE-2026-3406, CVE-2026-3758), suggesting systemic coding flaws .
Exploit:
Manual exploitation can be performed using `sqlmap`:
sqlmap -u "http://target.com/?pass=1&fnm=test" --dbs --batch
Manual payload example:
GET /?pass=1&fnm=test' OR '1'='1 HTTP/1.1 Host: target.com
Protection from this CVE
Implement parameterized queries in the application code. Use a Web Application Firewall (WAF) to block SQLi patterns. Example ModSecurity rule:
SecRule ARGS:fnm "@detectSQLi" "id:1000,deny,status:403,msg:'SQL Injection Blocked'"
Impact
Successful exploitation allows attackers to read sensitive data from the database, modify or delete records, and potentially gain administrative access to the application. Given the public exploit, unpatched instances are at immediate risk of compromise.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

