A vulnerability classified as critical has been found in code-projects Online Music Site 1.0 . This issue affects some unknown processing of the file /Frontend/Search.php . This manipulation of the argument Category causes sql injection. The identification of this vulnerability is CVE-2026-11490 . It is possible to initiate the attack remotely. Furthermore, there is an exploit available.