A vulnerability identified as critical has been detected in projectworlds Online Art Gallery Shop Project 1.0 . The affected element is an unknown function of the file /admin/adminHome.php . The manipulation of the argument social_insta leads to sql injection. This vulnerability is listed as CVE-2026-10874 . The attack may be initiated remotely. In addition, an exploit is available.