Lucene search
K

4 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/06/27 12:0 a.m.20 views

VulnCheck KEV: CVE-2026-8054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in the Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll in dotCMS Core 25.11.04-1 through 26.04.28-02 allows remote unauthenticated attackers to read, modify, or destroy arbitrar...

10CVSS6.1AI score0.01584EPSS
In wildExploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.9 views

CVE-2026-8054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in the Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll in dotCMS Core 25.11.04-1 through 26.04.28-02 allows remote unauthenticated attackers to read, modify, or destroy arbitrar...

10CVSS5.9AI score0.01584EPSS
Exploits1References1
CVE
CVE
added 2026/05/27 7:55 a.m.43 views

CVE-2026-8054

DotCMS Core versions 25.11.04-1 through 26.04.28-02 are affected by an SQL injection in the Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll. The vulnerability stems from unsanitized input used in dynamically constructed SQL, allowing remote unauthenticated att...

10CVSS6.1AI score0.01584EPSS
In wildExploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 7:55 a.m.6 views

CVE-2026-8054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in the Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll in dotCMS Core 25.11.04-1 through 26.04.28-02 allows remote unauthenticated attackers to read, modify, or destroy arbitrar...

10CVSS6.1AI score0.01584EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder