CVE-2026-1432 | T-Systems Buroweb up to 2505.0.12 tablon doEvent?APP_CODE=STA&PAGE_CODE=TABLON sql injection

Inserito da Angelo Barbosa | Feb 3, 2026 | CVE

A vulnerability classified as critical has been found in T-Systems Buroweb up to 2505.0.12. The affected element is an unknown function of the file /sta/CarpetaPublic/doEvent?APP_CODE=STA&PAGE_CODE=TABLON of the component tablon. Performing a manipulation results in sql injection.

This vulnerability is known as CVE-2026-1432. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-1432 | T-Systems Buroweb up to 2505.0.12 tablon doEvent?APP_CODE=STA&PAGE_CODE=TABLON sql injection

Post correlati

CVE-2024-1118 | Podlove Subscribe Button Plugin up to 1.3.10 on WordPress sql injection

CVE-2024-23579 | HCL DRYiCE Optibot Reset Station 1.0/2.0 Security Question inadequate encryption (KB0113496)

CVE-2024-47887 | Actionpack Gem on Ruby Action Controller redos

CVE-2024-43789 | Discourse up to 3.3.0/3.4.0.beta0 Reply resource consumption (GHSA-62cq-cpmc-hvqq)