CNNVD-202602-982 Information

CNNVD ID

CNNVD-202602-982

Related CVE

CVE-2026-24419

• CNNVD Published: 2026-02-06

Description (Chinese)

OpenSTAManager是Devcode开源的一个用于技术援助和计费的开源管理软件。 OpenSTAManager v2.9.8及之前版本存在安全漏洞，该漏洞源于对Prima Nota模块add.php文件中id_documenti GET参数验证不足，可能导致基于错误的SQL注入攻击。

Description (English)

OpenSTAManager is an open source management software for technical assistance and costing from Devcode. OpenSTAManager v. 2.9.8 and earlier versions had a security loophole, which stemmed from inadequate verification of the parameters of the Prima Nota module add.php id documenti GET, which could lead to an error-based SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Devcode

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/devcode-it/openstamanager/security/advisories/GHSA-4j2x-jh4m-fqv6