CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/27 7:54 a.m.•25 views

CVE-2026-40830 Authenticated SQLi in UpdateParam function

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the admin.mbnetj.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

CVE•added 2026/05/27 7:54 a.m.•9 views

CVE-2026-40830

CVE-2026-40830 describes an unauthenticated SQL Injection in the admin.mbnetj.php file’s UpdateParam function, enabling a high-privilege remote attacker to read the entire database and alter values in a non-critical table. Impact includes total confidentiality loss and some integrity loss; no ava...

Vulnrichment•added 2026/05/27 7:54 a.m.•6 views

CVE-2026-40830 Authenticated SQLi in UpdateParam function

ATTACKERKB•added 2026/05/27 7:54 a.m.•5 views

CVE-2026-40830

EUVD•added 2026/05/27 7:54 a.m.•7 views

EUVD-2026-32159

ATTACKERKB•added 2026/05/27 7:53 a.m.•10 views

CVE-2026-40829

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical...

EUVD•added 2026/05/27 7:53 a.m.•8 views

EUVD-2026-32158

Vulnrichment•added 2026/05/27 7:53 a.m.•5 views

CVE-2026-40829 Authenticated SQLi in UpdateParam function

CVE•added 2026/05/27 7:53 a.m.•10 views

CVE-2026-40829

CVE-2026-40829 describes an unauthenticated SQL Injection in the view.html.php UpdateParam function, exploitable by a high-privilege remote attacker. It can read the entire database and alter values in a non-critical table, leading to total confidentiality loss and some integrity loss. The connec...

Vulnrichment•added 2026/05/27 7:53 a.m.•10 views

CVE-2026-40828 Authenticated SQLi in DeleteSysLogEntry function

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can...

EUVD•added 2026/05/27 7:53 a.m.•6 views

EUVD-2026-32157

Cvelist•added 2026/05/27 7:53 a.m.•24 views

CVE-2026-40828 Authenticated SQLi in DeleteSysLogEntry function

ATTACKERKB•added 2026/05/27 7:53 a.m.•8 views

CVE-2026-40828

Cvelist•added 2026/05/27 7:53 a.m.•24 views

CVE-2026-40827 Authenticated SQLi in _RemoveRequest function

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the RemoveRequest function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can resu...

Vulnrichment•added 2026/05/27 7:53 a.m.•4 views

CVE-2026-40827 Authenticated SQLi in _RemoveRequest function

ATTACKERKB•added 2026/05/27 7:53 a.m.•7 views

CVE-2026-40827

CVE•added 2026/05/27 7:53 a.m.•8 views

CVE-2026-40827

CVE-2026-40827 describes an unauthenticated SQL Injection in the _RemoveRequest function. The vulnerability allows reading the entire database and deleting entries in a non-critical table due to improper neutralization of special elements in a SQL DELETE command. Reported impacts include total co...

EUVD•added 2026/05/27 7:52 a.m.•6 views

EUVD-2026-32129

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

Cvelist•added 2026/05/27 7:52 a.m.•26 views

CVE-2026-40825 Authenticated SQLi in accountstatus view