PT-2026-20669 · Unknown · Yoren Chang Media Search Enhanced
Nabil Irawan
·
Published
2026-02-19
·
Updated
2026-02-19
·
CVE-2026-23805
CVSS v3.1
7.6
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Yoren Chang Media Search Enhanced versions through 0.9.1
Description
A flaw exists in Yoren Chang Media Search Enhanced that allows for SQL Injection. This occurs due to improper neutralization of special elements within SQL commands. The vulnerability is present in the media-search-enhanced component.
Recommendations
Update Yoren Chang Media Search Enhanced to a version later than 0.9.1.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Yoren Chang Media Search Enhanced