Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 25, 2026
SQL Injection vulnerability in Support Board
CVE-2026-4815
Description
A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls[0][message_ids][]' parameter in '/supportboard/include/ajax.php' endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 3.7.7+ 1 more
- (no CPE)range: = 3.7.7
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.