Description
A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes SQL injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-05-31
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is located in the Query function of SysUserController.java in OFCMS 1.1.3. It arises from unsanitized input that is directly incorporated into an SQL statement, leading to SQL injection. An attacker can exploit the flaw remotely via the JSON Query interface, potentially reading, modifying, or deleting sensitive data from the underlying database. The weakness corresponds to CWE‑74 and CWE‑89 and poses a risk of confidentiality and integrity compromise.

Affected Systems

The affected product is OFCMS version 1.1.3. No other versions are listed in the CNA data. The vulnerability has been identified only for this specific release within the OFCMS component named JSON Query Interface.

Risk and Exploitability

The CVSS score of 5.3 indicates a moderate severity level. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog, indicating no confirmed exploitation in the wild at the time of analysis. The attack vector is inferred to be remote, as the issue description explicitly states remote initiation. With public exploit code reported, the risk level remains moderate but should be addressed promptly to reduce the potential for attackers to gain unauthorized database access.

Generated by OpenCVE AI on June 1, 2026 at 01:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any vendor-released patch or upgrade to the latest OFCMS version when available.
  • Disable the vulnerable JSON Query interface or restrict it to trusted IP ranges.
  • Ensure that all input parameters are validated and used only in parameterized queries to prevent SQL injection.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 15:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Mon, 01 Jun 2026 00:00:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes SQL injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. |
| Title | | OFCMS JSON Query SysUserController.java query sql injection |
| First Time appeared | | Ofcms; Ofcms ofcms |
| Weaknesses | | CWE-74; CWE-89 |
| CPEs | | cpe:2.3:a:ofcms:ofcms:*:*:*:*:*:*:*:* |
| Vendors & Products | | Ofcms; Ofcms ofcms |
| References | | |
| Metrics | | cvssV2_0 {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'} |
| | | cvssV3_0 {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'} |
| | | cvssV3_1 {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'} |
| | | cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'} |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-01T14:59:00.848Z

Reserved: 2026-05-31T06:36:12.922Z

Link: CVE-2026-10204

Vulnrichment

Updated: 2026-06-01T14:58:57.608Z

NVD

Status: Deferred

Published: 2026-06-01T00:16:42.427

Modified: 2026-06-01T15:15:37.293

Link: CVE-2026-10204

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-02T20:30:16Z

Weaknesses
  • CWE-74

    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  • CWE-89

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')