CVE-2026-37428 | Qihang wms SysDeptMapper.xml datascope sql injection

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Qihang wms. This affects an unknown function of the file SysDeptMapper.xml. Performing a manipulation of the argument datascope results in sql injection.

This vulnerability is known as CVE-2026-37428. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-37428 | Qihang wms SysDeptMapper.xml datascope sql injection

Post correlati

CVE-2024-38677 | Reviews.co.uk REVIEWS.io Plugin up to 1.2.7 on WordPress cross site scripting

CVE-2026-34200 | Nhost up to 1.40.x missing authentication

CVE-2025-40649 | BBMRI-ERIC Negotiator up to 3.15.4 Query posts cross site scripting

CVE-2025-10649 | Welcart e-Commerce Plugin up to 2.11.21 on WordPress Cookie sql injection