๐Ÿ” CVE Alert

CVE-2026-7435

HIGH 7.2

SSCMS v7.4.0 SQL Injection via stl:sqlContent queryString

CVSS Score: 7.2
EPSS Score: 0.0%
EPSS Percentile: 0th

SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization or sanitization. Attackers can craft encrypted payloads submitted to the /api/stl/actions/dynamic endpoint to execute arbitrary SQL statements, leading to unauthorized database access, data disclosure, authentication bypass, data modification, or complete database compromise.

CWE: CWE-89
Vendor: siteserver
Product: sscms
Published: Apr 30, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Affected Versions

siteserver / SSCMS: 7.4.0

References

github.com: https://github.com/siteserver/cms/issues/3891
github.com: https://github.com/siteserver/cms
vulncheck.com: https://www.vulncheck.com/advisories/sscms-sql-injection-via-stl-sqlcontent-querystring

Credits

hss94531 (https://github.com/hss94531)
Beatriz Fresno Naumova