Skip to main content

Cms Alaya

1 CVEs product

Monthly

CVE-2026-40529 MEDIUM This Month

SQL injection in CMS ALAYA 7.4.1.4 and earlier allows authenticated administrators to obtain or modify database information through the administrative interface. The vulnerability requires high-privilege access (PR:H) and carries low confidentiality, integrity, and availability impact per CVSS 4.0 scoring. No public exploit code or active exploitation has been identified at time of analysis.

SQLi Cms Alaya
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
EPSS 0% CVSS 5.1
MEDIUM This Month

SQL injection in CMS ALAYA 7.4.1.4 and earlier allows authenticated administrators to obtain or modify database information through the administrative interface. The vulnerability requires high-privilege access (PR:H) and carries low confidentiality, integrity, and availability impact per CVSS 4.0 scoring. No public exploit code or active exploitation has been identified at time of analysis.

SQLi Cms Alaya
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy