SQL Injection in Soplanning
CVE-2026-40546
SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version…
Vulnerability class: SQL Injection
EPSS: 0.000 (9.1th percentile) — read the EPSS interpretation.
Affected products
- Soplanning — versions 0
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (product)