Vulnerabilities

Report: CVE-2026-7699 - Dromara MaxKey StrUtils.java StrUtils.checkSqlInjection sql injection - Guide

2026-05-03 0 views admin

CVE ID :CVE-2026-7699 Published : May 3, 2026, 3:15 p.m. | 41 minutes ago Description :A security flaw has been discovered in Dromara MaxKey up to 3.5.13. Affected by this issue is the function StrUtils.checkSqlInjection of the file StrUtils.java. Performing a manipulation of the argument filtersfields results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-7699

Severity

MEDIUM

Published

May 3, 2026

Affected Product: java

Impact: sql injection

🏷️ Tags

reportdromaramaxkeystrutilschecksqlinjectioninjectionguidepublishedcvesql injection

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-7699 - Dromara MaxKey StrUtils.java StrUtils.checkSqlInjection sql injection - Guide

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-7702 - toeverything AFFiNE Public Markdown Preview Endpoint :docId allowDocPreview autho

Report: Update: CVE-2026-7704 - AV Stumpfl Pixera Two Media Server Service Port 1338 path traversal

Report: Essential Guide: CVE-2026-7703 - AV Stumpfl Pixera Two Media Server Websocket API code injection

Report: CVE-2026-7698 - Tiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injection - Guide

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting