Description
An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries without using prepared statements, which allows unauthenticated remote attackers to execute arbitrary SQL commands and extract sensitive database information.
Published: 2026-06-30
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An SQL Injection vulnerability exists in Redeight CMS as of version 1.0, triggered through the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize input and directly inserts the value into SQL statements, enabling unauthenticated remote attackers to run arbitrary SQL commands. This flaw can result in the extraction of sensitive database contents, leading to significant confidentiality loss and potential data breach. The vulnerability is classified as CWE‑89 and carries a CVSS score of 9.3, indicating a high severity.

Affected Systems

The affected system is Redeight CMS version 1.0. No other versions or third‑party components are listed as impacted.

Risk and Exploitability

The vulnerability can be exploited remotely without authentication by sending a crafted HTTP POST request to the login endpoint. The high CVSS score reflects a large impact scope, though the EPSS score is not reported and the vulnerability is not listed in CISA’s KEV catalog. Potential attackers would not need privileged credentials and could gain direct access to database data, posing a high risk of data exfiltration. The likely attack vector is remote over HTTP, targeting the unauthenticated admin login endpoint.

Generated by OpenCVE AI on June 30, 2026 at 12:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-provided patch or update to a version where input is sanitized or prepared statements are used for all database queries.
  • Limit access to the "/admin/index.php" endpoint by restricting to trusted IP addresses or VPNs to reduce exposure to unauthenticated attackers.
  • Deploy a Web Application Firewall or IPS rule set that detects and blocks common SQL injection payloads such as "' OR '1'='1" and similar patterns.
  • Conduct regular vulnerability scans focused on SQL injection in web applications and immediately remediate any findings.

Generated by OpenCVE AI on June 30, 2026 at 12:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 30 Jun 2026 11:45:00 +0000

Type Values Removed Values Added
Description An SQL Injection vulnerability exists in Redeight CMS version 1.0 via the "userEmail" parameter in the POST "/admin/index.php" login endpoint. The application fails to sanitize user input and directly interpolates it into SQL queries without using prepared statements, which allows unauthenticated remote attackers to execute arbitrary SQL commands and extract sensitive database information.
Title SQL Injection in Redeight CMS
Weaknesses CWE-89
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published:

Updated: 2026-06-30T12:17:21.064Z

Reserved: 2026-06-10T14:02:39.879Z

Link: CVE-2026-53690

cve-icon Vulnrichment

Updated: 2026-06-30T12:17:11.551Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-30T12:30:13Z

Weaknesses
  • CWE-89

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')