CVE Catalog

CVE-2026-42647

CriticalCVSS 9.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Very high risk
5.18%

90th percentile — higher than 90% of all known CVEs

Summary

CVE-2026-42647 describes an improper neutralization of special elements used in SQL commands, leading to the possibility of Blind SQL Injection attacks in the Beardev JoomSport application.

Risk Assessment

An attacker could exploit this vulnerability to gain unauthorized access to database data, potentially leading to serious security breaches.

Recommendation

It is recommended to update JoomSport to the latest version to eliminate this vulnerability and implement additional security measures such as input data filtering.

Original NVD description (English source)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS