CVE-2026-40818 | MB Connect Line mbCONNECT24/mymbCONNECT24 up to 2.20.0 _mb24confi_getDevice sql injection (VDE-2026-044)

Inserito da Angelo Barbosa | Mag 27, 2026 | CVE

A vulnerability labeled as critical has been found in MB Connect Line mbCONNECT24 and mymbCONNECT24 up to 2.20.0. Impacted is the function _mb24confi_getDevice. Such manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2026-40818. The attack can be launched remotely. No exploit exists.

CVE-2026-40818 | MB Connect Line mbCONNECT24/mymbCONNECT24 up to 2.20.0 _mb24confi_getDevice sql injection (VDE-2026-044)

Post correlati

CVE-2025-1987 | Psono-client up to 4.0.4 javascript URL cross site scripting

CVE-2024-58098 | Linux Kernel up to 6.12.24 filter.c bpf_skb_pull_data state issue

CVE-2023-50197 | Intel Driver & Support Assistant link following (ZDI-23-1773)

CVE-2024-54818 | SourceCodester Computer Laboratory Management System 1.0 list access control