Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:22 a.m.11 views

CVE-2026-2663

A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the component Database Query Handler. Such manipulation of the argument prop leads to sql injection. It ...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References1
NVD
NVD
added 2026/02/18 8:18 p.m.7 views

CVE-2026-2663

A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the component Database Query Handler. Such manipulation of the argument prop leads to sql injection. It ...

6.5CVSS0.00233EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/18 7:32 p.m.5 views

CVE-2026-2663 Alixhan xh-admin-backend Database Query query sql injection

A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the component Database Query Handler. Such manipulation of the argument prop leads to sql injection. It ...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References3
CVE
CVE
added 2026/02/18 7:32 p.m.13 views

CVE-2026-2663

Summary: CVE-2026-2663 affects Alixhan xh-admin-backend v1.0–1.7.0 (unknown exact initial versions) due to vulnerable handling in the Database Query Handler for the endpoint /frontend-api/system-service/api/system/role/query, where argument manipulation enables SQL injection. This reportedly allo...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/18 7:32 p.m.29 views

CVE-2026-2663 Alixhan xh-admin-backend Database Query query sql injection

A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the component Database Query Handler. Such manipulation of the argument prop leads to sql injection. It ...

6.5CVSS0.00233EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.10 views

XHan Admin SQL注入漏洞

XHan Admin is a management system developed by Alixhan’s individual developers. Versions of XHan Admin prior to 1.7.0 contained an SQL injection vulnerability. This vulnerability stemmed from incorrect handling of parameters in files/frontend-api/system-service/api/system/role/query, specifically...

6.5CVSS6.7AI score0.00233EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.7 views

PT-2026-20487

A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the component Database Query Handler. Such manipulation of the argument prop leads to sql injection. It ...

6.5CVSS5.4AI score0.00233EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.8 views

PT-2024-29977 · Etcd +2 · Etcd +2

Name of the Vulnerable Software and Affected Versions: Kamaji versions 1.0.0 and earlier Description: The issue arises from Kamaji using an "open at the top" range definition in RBAC for etcd roles, allowing some TCPs API servers to read, write, and delete the data of other control planes. This c...

9.9CVSS7.2AI score0.00622EPSS
Exploits1References12
Rows per page
Query Builder