📄 OpenSTAManager 2.9.8 SQL Injection

OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Prima Nota module. CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prima Nota module Overview | Field | Details | |---|---| | CVE ID | CVE-2026-24419 | | Severity | HIGH | | Advisory | View...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prim...

EUVD-2026-5639

OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...

CVE-2026-24419 OpenSTAManager has an SQL Injection in the Prima Nota module

OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...

OpenSTAManager 安全漏洞

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained security vulnerabilities. These vulnerabilities stemmed from insufficient validation of the iddocumenti GET parameters in the Prima...

PT-2026-6849

Summary Critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages by injecting...