SQL Injection in Redeight Cms
CVE-2026-53690
An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries witho…
Vulnerability class: SQL Injection
Affected products
- Redeight Cms — versions 1.0
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)