8 matches found
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Scadenzario bulk operations module. CVE-2026-24418: OpenSTAManager has a SQL Injection vulnerability in the Scadenzario bulk operations module Overview | Field | Details | |---|---| | CVE ID |...
CVE-2026-24418
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the bulk operations handler for the Scadenzario Payment Schedule module. The application fails to validate...
SQL Injection
Overview devcode-it/openstamanager is a management software for technical assistance and electronic invoicing Affected versions of this package are vulnerable to SQL Injection via the idrecords parameter in the bulk module. An attacker can extract sensitive database contents, including user...
CVE-2026-24418 OpenSTAManager has an SQL Injection vulnerability in the Scadenzario bulk operations module
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the bulk operations handler for the Scadenzario Payment Schedule module. The application fails to validate...
CVE-2026-24418 OpenSTAManager has an SQL Injection vulnerability in the Scadenzario bulk operations module
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the bulk operations handler for the Scadenzario Payment Schedule module. The application fails to validate...
EUVD-2026-5632
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the bulk operations handler for the Scadenzario Payment Schedule module. The application fails to validate...
CVE-2026-24418 OpenSTAManager has an SQL Injection vulnerability in the Scadenzario bulk operations module
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the bulk operations handler for the Scadenzario Payment Schedule module. The application fails to validate...
PT-2026-6774
Name of the Vulnerable Software and Affected Versions OpenSTAManager versions 2.9.8 and earlier Description OpenSTAManager contains a critical Error-Based SQL Injection issue within the Scadenzario Payment Schedule module’s bulk operations handler. The application does not properly validate that...