14 matches found
📄 OpenSTAManager 2.9.8 SQL Injection
OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Prima Nota module. CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prima Nota module Overview | Field | Details | |---|---| | CVE ID | CVE-2026-24419 | | Severity | HIGH | | Advisory | View...
Exploit for SQL Injection in Devcode Openstamanager
CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prim...
CVE-2026-24419
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...
SQL Injection
Overview devcode-it/openstamanager is a management software for technical assistance and electronic invoicing Affected versions of this package are vulnerable to SQL Injection via the iddocumenti GET parameter in the Prima Nota module's add.php endpoint. An attacker can extract sensitive database...
GHSA-4J2X-JH4M-FQV6 OpenSTAManager has a SQL Injection in the Prima Nota module
Summary Critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages by injecting...
OpenSTAManager has a SQL Injection in the Prima Nota module
Summary Critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages by injecting...
CVE-2026-24419
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...
EUVD-2026-5639
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...
CVE-2026-24419 OpenSTAManager has an SQL Injection in the Prima Nota module
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...
CVE-2026-24419 OpenSTAManager has an SQL Injection in the Prima Nota module
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...
CVE-2026-24419 OpenSTAManager has an SQL Injection in the Prima Nota module
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...
CVE-2026-24419
OpenSTAManager (v2.9.8 and earlier) contains a critical Error-Based SQL Injection in the Prima Nota (Journal Entry) module, via unsafely handling id_documenti from GET: values are split by comma and injected into an IN() clause without type validation. Technical details across multiple sources co...
PT-2026-6849
Summary Critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages by injecting...
OpenSTAManager 安全漏洞
OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained security vulnerabilities. These vulnerabilities stemmed from insufficient validation of the iddocumenti GET parameters in the Prima...