CVE-2026-43937 | YAFNET YetAnotherForum.NET up to 4.0.4 /Info/4 sql injection

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability was found in YAFNET YetAnotherForum.NET up to 4.0.4. It has been rated as critical. This affects an unknown function of the file /Info/4. The manipulation leads to sql injection.

This vulnerability is documented as CVE-2026-43937. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-43937 | YAFNET YetAnotherForum.NET up to 4.0.4 /Info/4 sql injection

Post correlati

CVE-2024-28135 | Phoenix Contact CHARX SEC-3150 up to 1.5.1 API injection (VDE-2024-019)

CVE-2024-24943 | JetBrains Toolbox App up to 2.1 SVG Image resource consumption

CVE-2022-45135 | Apache Cocoon =2.2.x sql injection

CVE-2023-50247 | H2O up to 2.3.0-beta2 QUIC Stack allocation of resources