CVE-2026-40821
- EPSS 0.28%
- Veröffentlicht 27.05.2026 07:49:51
- Zuletzt bearbeitet 27.05.2026 14:53:22
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40819
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:49:14
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the sync_data24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVE-2026-40818
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:48:53
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24confi_getDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confiden...
CVE-2026-40817
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:48:32
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAlarmProfiles function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidential...
CVE-2026-40816
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:48:16
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24alarm.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a ...
CVE-2026-40815
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:47:36
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24api_getUserAccount function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confi...
CVE-2026-40814
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:47:05
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dataapi.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a to...
CVE-2026-40813
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:45:29
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions tagid parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss o...
CVE-2026-40812
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:45:09
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions sn parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of c...
CVE-2026-40811
- EPSS 0.32%
- Veröffentlicht 27.05.2026 07:44:32
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ssoabstractservice due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.