Security Advisory

CVE-2026-39111

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-20 00:00:00

Last updated 2026-04-20 18:12:54

Assigner mitre

State PUBLISHED

Description

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php). This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data.

← Browse all CVEs View on cve.org ↗