PT-2026-25245 · David Lingren · Media Library Assistant
Doan Dinh Van
·
Published
2026-03-13
·
Updated
2026-03-14
·
CVE-2026-32399
CVSS v3.1
8.5
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
David Lingren Media Library Assistant versions through 3.32
Description
The software contains an improper neutralization of special elements used in an SQL command, leading to a blind SQL injection issue. This allows for potential unauthorized access or modification of data through crafted SQL queries. The API endpoints and vulnerable parameters are not specified in the provided information.
Recommendations
Update David Lingren Media Library Assistant to a version later than 3.32.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Media Library Assistant