brynax/CVE-2026-30655

Releases0

Security advisory for CVE-2026-30655: unauthenticated SQL injection in esiclivre (/reset/index.php).

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-30655 ↗	Mar 24, 2026Tuesday, 24 March 2026, 15:16	6.5 MEDIUM	—
SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remote attackers to gain unauthorized access to sensitive information via the cpfcnpj parameter in /reset/index.php