PT-2026-30446 · Unknown · Song-Li Cross Browser

Bigw

Published

2026-04-05

Updated

2026-04-30

CVE-2026-5577

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Name of the Vulnerable Software and Affected Versions Song-Li cross browser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a

Description A vulnerability exists in Song-Li cross browser, potentially allowing for SQL injection. The issue affects an unknown part of the flask/uniquemachine app.py file within the details Endpoint. Manipulation of the ID argument can trigger the vulnerability, and it can be exploited remotely. The exploit has been publicly disclosed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89CWE-74

Related Identifiers

CVE-2026-5577

Affected Products

Song-Li Cross Browser

PT-2026-30446 · Unknown · Song-Li Cross Browser

CVE-2026-5577

Weakness Enumeration

Related Identifiers

Affected Products

References · 9