CVE-2026-22195

UNKNOWN 0.0

GestSup < 3.2.60 SQL Injection in Search Bar

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

GestSup versions prior to 3.2.60 contain a SQL injection vulnerability in the search bar functionality. User-controlled search input is incorporated into SQL queries without sufficient neutralization, allowing an authenticated attacker to manipulate database queries. Successful exploitation can result in unauthorized access to or modification of database contents depending on database privileges.

CWE	CWE-89
Vendor	gestsup
Product	gestsup
Published	Jan 9, 2026
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for gestsup gestsup

Be the first to know when new unknown vulnerabilities affecting gestsup gestsup are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

GestSup / GestSup

0 < 3.2.60

References

NVD ↗ CVE.org ↗ EPSS Data ↗

gestsup.fr: https://gestsup.fr/index.php?page=changelog vulncheck.com: https://www.vulncheck.com/advisories/gestsup-sqli-in-search-bar

Credits

Geoffrey Robert and Valentin Holubec of Akailabs VulnCheck