CVE-2025-26186 | openSIS 9.1 Ajax.php ID sql injection

Inserito da Angelo Barbosa | Lug 15, 2025 | CVE

A vulnerability was found in openSIS 9.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file Ajax.php. The manipulation of the argument ID leads to sql injection.

This vulnerability is handled as CVE-2025-26186. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-26186 | openSIS 9.1 Ajax.php ID sql injection

Post correlati

Microsoft Edge Remote Code Execution

CVE-2024-45750 | TheGreenBow Windows Standard VPN Client IKEv2 Authentication improper authentication

CVE-2024-34808 | Samuel Marshall JCH Optimize Plugin up to 4.2.0 on WordPress path traversal

CVE-2023-7265 | Huawei HarmonyOS/EMUI Lock Screen Module access control