CVE Catalog
CVE-2026-54822
HighCVSS 8.5Summary
Subscriber SQL Injection vulnerability in SALESmanago and Leadoo versions up to 3.11.2 allows unauthorized access to the database through malicious SQL query injection.
Risk Assessment
An attacker could gain access to sensitive data, potentially leading to a loss of confidentiality and financial losses for the organization.
Recommendation
It is recommended to upgrade to the latest version of the software to mitigate this vulnerability and conduct a security audit of the database.
Original NVD description (English source)
Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 versions.

