CVE-2026-40841
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:57:38
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40840
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:57:21
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confident...
CVE-2026-40839
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:57:07
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getComponentScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confident...
CVE-2026-40838
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:56:51
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidential...
CVE-2026-40837
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:56:35
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentia...
CVE-2026-40836
- EPSS 0.22%
- Veröffentlicht 27.05.2026 07:56:21
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the inmessage model due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entrie...
CVE-2026-40835
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:56:00
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the saveObjectFromData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentia...
CVE-2026-40834
- EPSS 0.22%
- Veröffentlicht 27.05.2026 07:55:44
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash_layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the...
CVE-2026-40833
- EPSS 0.22%
- Veröffentlicht 27.05.2026 07:55:27
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole ...
CVE-2026-40832
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:54:53
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDevicegroups function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentialit...