#sql-injection
2 articles
Security Alerts Apr 23, 2026
CVE-2026-41460: Critical SQL injection in SocialEngine
SocialEngine 7.8.0 and earlier contain a SQL injection in the /activity/index/get-memberall endpoint. Unauthenticated attackers can read database contents, reset admin passwords, and take over the admin panel...
Security Alerts Apr 14, 2026
CVE-2026-27681: Critical SQL Injection Vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse
Critical SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse allows data manipulation, service disruption, and potential system compromise. Affects versions HANABPC 810, BPC4HANA 300, SAP_BW 750-758, 816.