CVE Catalog
CVE-2026-54809
CriticalCVSS 9.3Summary
CVE-2026-54809 describes an improper neutralization of special elements used in SQL commands, allowing for Blind SQL Injection in the VillaTheme GIFT4U application.
Risk Assessment
An attacker could exploit this vulnerability to gain unauthorized access to database information, potentially leading to serious security breaches.
Recommendation
It is recommended to update to the latest version of GIFT4U and implement appropriate security measures against SQL Injection attacks.
Original NVD description (English source)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VillaTheme GIFT4U allows Blind SQL Injection. This issue affects GIFT4U: from n/a through 1.0.10.

