CVE-2026-6562 | dameng100 muucmf 1.9.5.20260309 /index/Search/index.html getListByPage keyword sql injection

Inserito da Angelo Barbosa | Apr 18, 2026 | CVE

A vulnerability categorized as critical has been discovered in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection.

This vulnerability appears as CVE-2026-6562. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-6562 | dameng100 muucmf 1.9.5.20260309 /index/Search/index.html getListByPage keyword sql injection

Post correlati

CVE-2024-9853 | ID-SK Toolkit Plugin up to 1.7.2 on WordPress SVG File Upload cross site scripting

CVE-2024-10186 | Event Post Plugin up to 5.9.6 on WordPress Shortcode events_cal cross site scripting

CVE-2024-6248 | Wyze Cam 3 Authentication Remote Code Execution

CVE-2024-5694 | Mozilla Firefox up to 126 Javascript Engine use after free