Security Advisory

CVE-2026-4815

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-25 13:31:52

Last updated 2026-03-25 17:41:55

Assigner INCIBE

State PUBLISHED

Description

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via calls[0][message_ids][] parameter in /supportboard/include/ajax.php endpoint.

← Browse all CVEs View on cve.org ↗