CVE-2026-30993

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

EUVD-2026-22989

Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereadorver.php endpoint...

EUVD-2026-22985

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

EUVD-2026-22987

Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials...

CVE-2026-30993

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

CVE-2026-30994

Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials...

CVE-2026-30995

Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereadorver.php endpoint...

PT-2026-33109

CVE-2026-30993 Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploit… https://t.co/EbRtLBNYJO...

CVE-2026-30995

Slah CMS

CVE-2026-30993

Slah CMS

Slah CMS 安全漏洞

Slah CMS is a content management system developed by the Brazilian company Slah. Versions of Slah CMS prior to 1.5.0 contain security vulnerabilities. These vulnerabilities stem from improper access control in the config.php component, which may allow unverified attackers to access sensitive...

CVE-2026-30994

Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials...

CVE-2026-30995

Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereadorver.php endpoint...

PT-2026-33101

CVE-2026-30995 Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereador ver.php endpoint. https://t.co/FW642LmQMP...

CVE-2026-30993

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

CVE-2026-30995

Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereadorver.php endpoint...

CVE-2026-30994

CVE-2026-30994 affects Slah v1.5.0 and earlier, due to incorrect access control in the config.php component. The flaw allows unauthenticated attackers to access sensitive data, including active session credentials. No exploitation details or specific workaround are provided in the available docum...

Slah CMS 安全漏洞

Slah CMS is a content management system developed by the Brazilian company Slah. Versions of Slah CMS prior to 1.5.0 contain security vulnerabilities. These vulnerabilities stem from defects in the session function located in the config.php file, which may lead to remote code execution...

PT-2026-33100

CVE-2026-30994 Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active sessi… https://t.co/gJYAMbDBW2...

CVE-2026-30994

Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials...