CVE-2026-1198 – SQL Injection in SIMPLE.ERP

CVE ID : CVE-2026-1198

Published : Feb. 26, 2026, 12:15 p.m. | 54 minutes ago

Description : SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in “Obroty na kontach” window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the database that will be executed.
This issue was fixed in 6.30@A04.4_u06.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-28296 – Gvfs: ftp gvfs backend: arbitrary ftp command injection via crlf sequences in file paths

CVE-2026-28295 – Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses

CVE-2026-26265 – Discourse has IDOR vulnerability in the directory items endpoint

CVE-2026-26228 – VLC for Android < 3.7.0 Remote Access Path Traversal