Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.6 views

CVE-2026-28226

Phishing Club is a phishing simulation and man-in-the-middle framework. Prior to version 1.30.2, an authenticated SQL injection vulnerability exists in the GetOrphaned recipient listing endpoint in versions prior to v1.30.2. The endpoint constructs a raw SQL query and concatenates the...

6.5CVSS5.9AI score0.00332EPSS
Exploits1References1
NVD
NVD
added 2026/02/26 11:16 p.m.12 views

CVE-2026-28226

Phishing Club is a phishing simulation and man-in-the-middle framework. Prior to version 1.30.2, an authenticated SQL injection vulnerability exists in the GetOrphaned recipient listing endpoint in versions prior to v1.30.2. The endpoint constructs a raw SQL query and concatenates the...

6.5CVSS0.00332EPSS
Exploits1References2
EUVD
EUVD
added 2026/02/26 10:43 p.m.7 views

EUVD-2026-8916

Phishing Club is a phishing simulation and man-in-the-middle framework. Prior to version 1.30.2, an authenticated SQL injection vulnerability exists in the GetOrphaned recipient listing endpoint in versions prior to v1.30.2. The endpoint constructs a raw SQL query and concatenates the...

6.5CVSS5.7AI score0.00332EPSS
Exploits1References2
CVE
CVE
added 2026/02/26 10:43 p.m.11 views

CVE-2026-28226

CVE-2026-28226 — Phishing Club : An authenticated SQL injection exists in the GetOrphaned recipient listing endpoint for versions before 1.30.2. The endpoint concatenates a user-controlled sortBy value directly into the SQL ORDER BY clause without allowlist validation, allowing injection of SQL e...

6.5CVSS5.7AI score0.00332EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/26 10:43 p.m.15 views

CVE-2026-28226 Phishing Club has Authenticated Blind SQL Injection in GetOrphaned Recipient Listing

Phishing Club is a phishing simulation and man-in-the-middle framework. Prior to version 1.30.2, an authenticated SQL injection vulnerability exists in the GetOrphaned recipient listing endpoint in versions prior to v1.30.2. The endpoint constructs a raw SQL query and concatenates the...

6.5CVSS5.9AI score0.00332EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.7 views

Phishing Club SQL注入漏洞

Phishing Club is an open-source platform for simulating and testing phishing attacks developed by Phishing Club. Versions of Phishing Club prior to 1.30.2 contained a SQL injection vulnerability. This vulnerability stemmed from the GetOrphaned recipient list endpoint, where the sortBy value...

6.5CVSS5.9AI score0.00332EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.12 views

PT-2026-22214

Name of the Vulnerable Software and Affected Versions Phishing Club versions prior to 1.30.2 Description Phishing Club is a phishing simulation and man-in-the-middle framework. An authenticated SQL injection issue exists in the GetOrphaned recipient listing endpoint. The endpoint builds a SQL que...

6.5CVSS6AI score0.00332EPSS
Exploits1References6
Rows per page
Query Builder