What the vulnerability does
01Description
Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging is enabled.
CVSS base score
8.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Key dates
02Disclosure timeline
May 13, 2026
CVE published
May 14, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-28788 WordPress Advanced Page Visit Counter Plugin <= 6.4.2 is vulnerable to SQL Injection
CVE-2025-32826
CVE-2023-26584 Unauthenticated SQL Injection In IDAttend’s IDWeb Application
CVE-2025-4913 PHPGurukul Auto Taxi Stand Management System index.php sql injection
CVE-2024-8327 HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - SQL injection
