3 matches found
CVE-2026-34101
creationtimestamp| type| source ---|---|--- 2026-07-01 17:48:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpm3akqzc72m 2026-07-02 08:39:14+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpnmz4nf7e27 2026-07-02 09:28:13+00:00| seen|...
CVE-2026-34101
Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in textfile.php line 17: SELECT id, filename, extension, type, duration, owner, private FROM files where id = '".$GET'id'."'. An authenticated attacker can perform error-based SQL injection to extract...
CVE-2026-34101
Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in textfile.php line 17: SELECT id, filename, extension, type, duration, owner, private FROM files where id = '".$GET'id'."'. An authenticated attacker can perform error-based SQL injection to extract...