CVE-2026-41460 | SocialEngine up to 7.8.0 get-memberall text sql injection

Inserito da Angelo Barbosa | Apr 23, 2026 | CVE

A vulnerability classified as critical was found in SocialEngine up to 7.8.0. This vulnerability affects unknown code of the file /activity/index/get-memberall. The manipulation of the argument text results in sql injection.

This vulnerability is reported as CVE-2026-41460. The attack can be launched remotely. No exploit exists.

CVE-2026-41460 | SocialEngine up to 7.8.0 get-memberall text sql injection

Post correlati

CVE-2026-6590 | ComfyUI up to 0.13.0 Model Preview Endpoint app/model_manager.py get_model_preview path traversal

CVE-2024-10449 | Codezips Hospital Appointment System 1.0 /loginAction.php Username sql injection

CVE-2025-10756 | UTT HiPER 840G up to 3.1.1-190328 getOneApConfTempEntry tempName buffer overflow

CVE-2026-5570 | Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30 /LoginCB index_config improper authentication