CVE-2025-57793

High CVSS: 8.6

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly elevating the risk.

Vendor

Explorance

Product

Blue

CWE

CWE-89

Yayın Tarihi

2026-01-28 18:16:49

Güncelleme

2026-02-05 17:00:20

Source Identifier

mandiant-cve@google.com

KEV Date Added

Kategoriler

CWE-89 Blue HIGH Explorance 2026

Referanslar

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0002.md https://online-help.explorance.com/blue/articles/security-advisories-(january-2026) https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57793 https://www.explorance.com/products/blue

Benzer Kayıtlar

Critical

CVE-2025-57792

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user…

Critical

CVE-2025-57794

Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administ…

Critical

CVE-2025-57795

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service c…

Medium

CVE-2025-57796

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sen…

Medium

CVE-2025-52344

Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject…