CVE Catalog

CVE-2026-40455

HighCVSS 8.6
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

12th percentile — higher than 12% of all known CVEs

Summary

An SQL Injection vulnerability exists in LMS (LAN Management System) before commit 4cb30a7 within the 'tarifflist.php' module due to insufficient sanitization of the POST 'tg[]' parameter. This allows authenticated attackers to perform Error-Based SQL injection and extract sensitive database information.

Risk Assessment

This vulnerability may lead to the exposure of sensitive database information, posing a serious threat to the organization's security. It allows attackers to access confidential data, potentially resulting in further attacks or privacy breaches.

Recommendation

It is recommended to update the LMS system to the latest version that includes security patches. Additionally, appropriate input sanitization mechanisms should be implemented to prevent similar attacks in the future.

Original NVD description (English source)

An SQL Injection vulnerability exists in LMS (LAN Management System) before commit 4cb30a7 within the "tarifflist.php" module due to insufficient sanitization of the POST "tg[]" parameter. The application directly concatenates user-supplied array values into an SQL query using "implode()", allowing authenticated attackers to perform Error-Based SQL injection and extract sensitive database information.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS