CVE-2026-49771EPSS p13.1%

CVE-2026-49771CVE-2026-49771

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection. This issue affects Photo Gallery by 10Web: from n/a through 1.8.41.

Scoring

CVSS 7.6 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
EPSS0.23% probability of exploitation · percentile 13.1% · 2026-06-18T12:00:27Z
Last modified2026-06-04

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-39531
CVE
CVE-2026-9829
CVE
CVE-2026-48837
CVE
CVE-2026-42672
CVE
CVE-2025-28969
CVE
CVE-2025-58881
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.