CVE-2026-7699 | Dromara MaxKey up to 3.5.13 StrUtils.java StrUtils.checkSqlInjection filtersfields sql injection

Inserito da Angelo Barbosa | Mag 2, 2026 | CVE

A vulnerability has been found in Dromara MaxKey up to 3.5.13 and classified as critical. Affected by this issue is the function StrUtils.checkSqlInjection of the file StrUtils.java. Performing a manipulation of the argument filtersfields results in sql injection.

This vulnerability is reported as CVE-2026-7699. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-7699 | Dromara MaxKey up to 3.5.13 StrUtils.java StrUtils.checkSqlInjection filtersfields sql injection

Post correlati

CVE-2025-7936 | fuyang_lipengjun platform up to ca9aceff6902feb7b0b6bf510842aea88430796a ScheduleJobLogController.java queryPage beanName/methodName sql injection (ICLIK1)

CVE-2024-13380 | Alex Reservations Smart Restaurant Booking Plugin up to 2.0.5 on WordPress Shortcode rr_form cross site scripting

CVE-2024-39530 | Juniper Networks Junos OS up to 22.4R1 unusual condition (JSA82989)

CVE-2024-23676 | Splunk Enterprise/Cloud SPL Command information disclosure (SVD-2024-0106)