PT-2026-25245 · David Lingren · Media Library Assistant

Doan Dinh Van

Publicado

2026-03-13

Atualizado

2026-03-14

CVE-2026-32399

CVSS v3.1

8.5

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions David Lingren Media Library Assistant versions through 3.32

Description The software contains an improper neutralization of special elements used in an SQL command, leading to a blind SQL injection issue. This allows for potential unauthorized access or modification of data through crafted SQL queries. The API endpoints and vulnerable parameters are not specified in the provided information.

Recommendations Update David Lingren Media Library Assistant to a version later than 3.32.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2026-32399

Produtos afetados

Media Library Assistant

PT-2026-25245 · David Lingren · Media Library Assistant

CVE-2026-32399

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5