8 matches found
CVE-2026-41460
SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...
EUVD-2026-25224
SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...
CVE-2026-41460
SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...
CVE-2026-41460 SocialEngine <= 7.8.0 SQL Injection via activity/index/get-memberall
SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...
CVE-2026-41460
SocialEngine versions 7.8.0 and prior contain a SQL injection vulnerability in the /activity/index/get-memberall endpoint where user-supplied input passed via the text parameter is not sanitized before being incorporated into a SQL query. An unauthenticated remote attacker can exploit this...
CVE-2026-41460
CVE-2026-41460 (SocialEngine) affects SocialEngine versions 7.8.0 and earlier, with a SQL injection in the /activity/index/get-memberall endpoint. User input passed via the text parameter is not sanitized before being used in a SQL query. An unauthenticated remote attacker can read arbitrary data...
SocialEngine SQL注入漏洞
SocialEngine is a content management platform developed by SocialEngine Company in India, designed for supporting community interactions and building social networks. SocialEngine versions 7.8.0 and earlier contained an SQL injection vulnerability. This vulnerability stemmed from the text paramet...
Malicious code in pephttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4668866bf9a576d16159541720f45758a839b424dfcd4e5d018e7d7b28788a41 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...