4 matches found
CVE-2026-40524
CVE-2026-40524 affects FrontAccounting
PT-2026-46897
Name of the Vulnerable Software and Affected Versions OpenMeter affected versions not specified Description An authenticated tenant can perform SQL injection through the valueProperty or groupBy fields of the 'POST /api/v1/meters' endpoint. The issue occurs because the application uses string...
PT-2026-43629
GitHub Security Advisory Draft — GM-369 Summary SQL injection in Pimcore's translation grid date filter — the user-supplied property field from the filter JSON is interpolated directly into a UNIX TIMESTAMPDATEFROM UNIXTIME... SQL expression without parameterization or allowlist validation...
CRITICAL-SEVERITY-VULNERABILITY-REPORT-Widespread-SQLI
CRITICAL-SEVERITY-VULNERABILITY-REPORT-Widespread-SQLI CRITIC...