CVE-2026-49771

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection.

This issue affects Photo Gallery by 10Web: from n/a through 1.8.41.

Affected Software

VendorProductVersion RangeStatus
10WebPhoto Gallery by 10Webn/a <= 1.8.41affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References