关键信息 CVE Identifier: CVE-2026-2212 Vulnerability Name: Code-Projects Online Music Site 1.0 AdminEditCategory.php ID SQL Injection CVSS Meta Temp Score: 6.6 Exploit Price Range: $0-$5k CTI Interest Score: 3.20- Summary: - Critical vulnerability found in some unknown functionality of the file . - Manipulating the argument leads to SQL injection. - Exploit available and attack can be performed remotely. Details: - Vulnerability classified as critical. - Functionality constructs SQL commands using untrusted input, causing injection vulnerability (CWE-89). - Attack methods specify no authentication needed, remote access possible, technical details available, and public exploit exists. Advisory: Available on GitHub. Extras: Attack vector classified as T1505 in MITRE ATT&CK framework.