Back to search
CVE-2026-1198
Published: Feb 26, 2026
Modified: Feb 26, 2026
PUBLISHED
Description
SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the database that will be executed. This issue was fixed in [email protected]_u06.
| Vendor | Product | Versions |
|---|---|---|
Simple SA | Simple.ERP | affected 0 - < [email protected]_u06 |
Weaknesses (CWE)
References
https://simple.com.pl/
product
https://cert.pl/posts/2026/02/CVE-2026-1198
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now