Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.11 views

CVE-2026-40824

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS5.8AI score0.00239EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 8:16 a.m.16 views

CVE-2026-40824

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 7:52 a.m.8 views

CVE-2026-40825 Authenticated SQLi in accountstatus view

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS6AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 7:52 a.m.21 views

CVE-2026-40825

CVE-2026-40825 describes an unauthenticated SQL Injection in the accountstatus view devices parameter. The vulnerability arises from improper neutralization of special elements in a SQL UPDATE command, enabling reading the entire database and altering values in a non-critical table. Reported impa...

7CVSS6AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 7:52 a.m.32 views

CVE-2026-40825 Authenticated SQLi in accountstatus view

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/27 7:50 a.m.9 views

CVE-2026-40824 Authenticated SQLi in accountstatus view

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS6AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 7:50 a.m.36 views

CVE-2026-40824 Authenticated SQLi in accountstatus view

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS0.00239EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 7:50 a.m.15 views

EUVD-2026-32128

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS6AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 7:50 a.m.17 views

CVE-2026-40824

CVE-2026-40824 describes an unauthenticated SQL Injection in the accountstatus view userid parameter. An attacker with network access can exploit improper neutralization of special elements in a SQL UPDATE, enabling reading of the entire database and modification of values in a non-critical table...

7CVSS6AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43563

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

7CVSS6AI score0.00239EPSS
Exploits0References2
Rows per page
Query Builder