devcode-it/openstamanager Security Advisories for v2.9.x-dev (4)
-
[HIGH] OpenSTAManager has a SQL Injection via righe Parameter in confronta_righe Modals
PKSA-398m-bjsp-p21n CVE-2026-35470 GHSA-mmm5-3g4x-qw39
Affected version: <=2.10.1
Reported by:
GitHub -
[HIGH] OpenSTAManager: SQL Injection via Aggiornamenti Module
PKSA-dx7q-hp3f-cn12 CVE-2026-35168 GHSA-2fr7-cc4f-wh98
Affected version: <=2.10.1
Reported by:
GitHub -
[HIGH] OpenSTAManager Affected by Remote Code Execution via Insecure Deserialization in OAuth2
PKSA-7wd8-5d3q-gt4k CVE-2026-29782 GHSA-whv5-4q2f-q68g
Affected version: <=2.10.1
Reported by:
GitHub -
[HIGH] OpenSTAManager has a Time-Based Blind SQL Injection via `options[stato]` Parameter
PKSA-84pv-3jy7-8y8y CVE-2026-28805 GHSA-3gw8-3mg3-jmpc
Affected version: <=2.10.1
Reported by:
GitHub