CVE-2026-27039

Name of the Vulnerable Software and Affected Versions AA-Team WZone woozone versions through 14.0.31

Description The software contains an improper neutralization of special elements used in an SQL command, leading to a Blind SQL Injection issue. This allows for potential unauthorized access to or modification of data within the database. The SQL Injection occurs due to insufficient sanitization of user-supplied input before it is used in a database query. This could allow an attacker to craft malicious SQL statements that are executed by the database server.

Recommendations Versions prior to 14.0.31 should be updated.