PT-2026-58885 · Unknown · Metaguru Hcm

Published

2026-07-15

·

Updated

2026-07-15

·

CVE-2026-15804

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions MetaGuru HCM (affected versions not specified)
Description Authenticated remote attackers can perform a SQL Injection, which occurs when malicious SQL statements are inserted into entry fields for execution, potentially allowing unauthorized access to the database. This issue allows the injection of SQL commands via specific parameters, compromising the confidentiality, integrity, and availability of the database data.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15804

Affected Products

Metaguru Hcm