CVE-2026-40457 | LMS Management System GET Parameter dbrecover.php cross site scripting (9c5651b)

Inserito da Angelo Barbosa | Giu 18, 2026 | CVE

A vulnerability was found in LMS Management System and classified as problematic. This impacts an unknown function of the file dbrecover.php of the component GET Parameter Handler. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2026-40457. The attack may be launched remotely. There is no exploit available.

A patch should be applied to remediate this issue.

CVE-2026-40457 | LMS Management System GET Parameter dbrecover.php cross site scripting (9c5651b)

Post correlati

CVE-2025-67890 | pkp Open Journal Systems up to 3.3.0-21/3.4.0-9/3.5.0-1 Native XML Plugin NativeXmlIssueGalleyFilter.php writeFile path traversal

CVE-2024-8867 | Perfex CRM 3.1.6 Parameter Clients.php message cross site scripting

CVE-2026-46289 | Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.6 lib extract_iter_to_sg memory leak

CVE-2026-4595 | code-projects Exam Form Submission 1.0 /admin/update_s6.php sname cross site scripting