NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-34185

Summary	Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, potentially gaining full control over the database.This issue was fixed in Hydrosystem Control System version 9.8.5
Publication Date	April 9, 2026, 7:16 p.m.
Registration Date	April 15, 2026, 11:34 a.m.
Last Update	April 14, 2026, 12:02 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://cert.pl/posts/2026/04/CVE-2026-4901/	cvd@cert.pl
2	https://www.hydrosystem.poznan.pl/	cvd@cert.pl

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-89	SQLインジェクション	https://cwe.mitre.org/data/definitions/89.html