CVE-2026-1198

Vulnerability Description

SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the database that will be executed. This issue was fixed in [email protected]_u06.

Related Weaknesses (CWE)

CWE-89

References

https://cert.pl/posts/2026/02/CVE-2026-1198
https://simple.com.pl/

FAQ

What is CVE-2026-1198?

CVE-2026-1198 is a documented vulnerability. SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the datab...

How severe is CVE-2026-1198?

CVSS scoring is not yet available for CVE-2026-1198. Check NVD for updates.

Is there a patch for CVE-2026-1198?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.