CVE-2026-2236

Name of the Vulnerable Software and Affected Versions C&Cm@il versions (affected versions not specified)

Description C&Cm@il, developed by HGiga, contains a SQL Injection flaw. This allows attackers who do not need to be logged in to inject arbitrary SQL commands, potentially allowing them to read the contents of the database. The vulnerability affects the application's handling of SQL queries, enabling malicious input to manipulate database operations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.