CVE-2026-27413

Name of the Vulnerable Software and Affected Versions Cozmoslabs Profile Builder Pro versions through 3.13.9

Description The software contains an Improper Neutralization of Special Elements used in an SQL Command issue, also known as a SQL Injection. This allows for Blind SQL Injection. The issue affects the application and could allow attackers to execute malicious SQL queries. No information is available regarding the number of potentially affected devices or real-world incidents. The vulnerability allows attackers to execute Blind SQL Injection. The vulnerable component is susceptible to exploitation via crafted SQL commands.

Recommendations Update to version 3.14 to address the issue.