CVE-2026-2620 – Huace Monitoring and Early Warning System ProjectRole.aspx sql injection

CVE ID : CVE-2026-2620

Published : Feb. 17, 2026, 8:22 p.m. | 37 minutes ago

Description : A weakness has been identified in Huace Monitoring and Early Warning System 2.2. Affected by this issue is some unknown functionality of the file /Web/SysManage/ProjectRole.aspx. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-12673 – Liquidfiles Broken Access Control Privilege Escalation

CVE-2026-48908 – Joomla Extension – joomshaper.com – Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.12

CVE-2026-48939 – Joomla Extension – icagenda.com – Remote Code Execution in iCaganda extension for Joomla < 4.0.8/3.9.15

CVE-2026-48909 – Joomla Extension – joomshaper.com – PHP Object injection in SP LMS extension for Joomla < 4.1.4