Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
3DescriptionCVE.org
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Essekia Tablesome tablesome allows Blind SQL Injection.This issue affects Tablesome: from n/a through <= 1.2.3.
AnalysisAI
Essekia Tablesome versions up to 1.2.3 contain a blind SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries through improper input sanitization. An attacker with valid credentials can exploit this to extract sensitive data from the database, though no patch is currently available. The vulnerability has a CVSS score of 8.5 and requires network access with low attack complexity.
Technical ContextAI
Classified as CWE-89 (SQL Injection). Affects Essekia Tablesome tablesome. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Essekia Tablesome tablesome allows Blind SQL Injection.This issue affects Tablesome: from n/a through <= 1.2.3.
Affected ProductsAI
Product: Essekia Tablesome tablesome.
RemediationAI
Monitor vendor advisories for a patch. Use parameterized queries. Implement input validation. Restrict network access to the affected service where possible.
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today