CVE Catalog
CVE-2026-52673
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.44%
35th percentile — higher than 35% of all known CVEs
Summary
SQL Injection vulnerability in Cboard v.0.4.2 and earlier allows a remote attacker to execute arbitrary code via the getDimensionsValues component.
Risk Assessment
An attacker can gain unauthorized access to the database, steal or modify data, and in extreme cases take over the server.
Recommendation
Immediately update Cboard to the latest available version and apply parameterized SQL queries in the getDimensionsValues component.
Original NVD description (English source)
SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component

