CNNVD-202602-969 Information
Feb 06, 2026
cve
CNNVD ID
CNNVD-202602-969
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
OpenSTAManager是Devcode开源的一个用于技术援助和计费的开源管理软件。 OpenSTAManager v2.9.8及之前版本存在SQL注入漏洞,该漏洞源于对Scadenzario模块批量操作处理程序中的id_records数组验证不足,可能导致基于错误的SQL注入攻击。
Description (English)
OpenSTAManager is an open source management software for technical assistance and costing from Devcode. OpenSTAManager v. 2.9.8 and earlier versions had an injection loophole in SQL, which stemmed from inadequate verification of id records arrays in the bulk operation processing of the Scadenzario module, which could lead to an error-based SQL injection attack.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
Devcode
Published
2026-02-06
Last Modified
2026-02-24
References
https://github.com/devcode-it/openstamanager/security/advisories/GHSA-4xwv-49c8-fvhq
Share on: