PT-2026-27813 · Unknown · Lisfinity Core
Published
2026-03-25
·
Updated
2026-03-30
·
CVE-2026-22484
CVSS v3.1
9.3
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Lisfinity Core versions n/a through 1.5.0
Description
A flaw exists in pebas Lisfinity Core lisfinity-core that allows for SQL Injection. This occurs due to improper neutralization of special elements used in an SQL command. The issue affects the application's handling of SQL queries, potentially allowing an attacker to manipulate database operations. The vulnerable component is susceptible to SQL Injection attacks through the use of crafted input.
Recommendations
Versions prior to 1.5.0 should be updated.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lisfinity Core