CVE-2026-14751 | mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be search_scratch_data.php search_scratch_data field_name sql injection
A vulnerability was found in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. It has been classified as critical. The impacted element is the function Notes_controller::search_scratch_data of the file application/PHP/objects/notes/search_scratch_data.php. This manipulation of the argument field_name causes sql injection.
The identification of this vulnerability is CVE-2026-14751. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More