NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-25606

Summary	A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as data belonging to other users, or any other data that the application itself is able to access This issue was fixed in version 9.5.
Publication Date	May 22, 2026, 7:16 p.m.
Registration Date	May 24, 2026, 4:05 a.m.
Last Update	May 22, 2026, 7:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://cert.pl/posts/2026/05/CVE-2026-25606	cvd@cert.pl
2	https://www.ciop.pl/CIOPPortalWAR/appmanager/ciop/pl?_nfpb=true&_pageLabel=P52000165211572544981480	cvd@cert.pl

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-89	SQLインジェクション	https://cwe.mitre.org/data/definitions/89.html