Lucene search
K

4 matches found

NVD
NVD
added 2026/06/15 8:16 p.m.11 views

CVE-2026-50890

Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

9.8CVSS0.00321EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49331

Name of the Vulnerable Software and Affected Versions grocy version 4.6.0 Description SQL injection occurs at the '/stockreports/spendings' endpoint through the product-group parameter. This allows attackers to access sensitive database information by using a crafted SQL statement. SQL injection ...

9.8CVSS5.9AI score0.00321EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 12:0 a.m.31 views

CVE-2026-50890

Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...

0.00321EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 12:0 a.m.18 views

CVE-2026-50890

Bernd Bestel grocy v4.6.0 is affected by a SQL injection in the product-group parameter at /stockreports/spendings. The issue allows extracting sensitive database information via a crafted SQL statement. Environment references this vulnerability across multiple sources (NVD, ENISA EUVD, CVE recor...

9.8CVSS5.7AI score0.00321EPSS
Exploits0References1
Rows per page
Query Builder