High severity7.6NVD Advisory· Published Jun 4, 2026· Updated Jun 4, 2026
CVE-2026-49771
CVE-2026-49771
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection.
This issue affects Photo Gallery by 10Web: from n/a through 1.8.41.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.8.41+ 1 more
- (no CPE)range: <=1.8.41
- (no CPE)range: <=1.8.41
Patches
Vulnerability mechanics
References
1News mentions
1- Wordfence Intelligence Weekly WordPress Vulnerability Report (June 1, 2026 to June 7, 2026)Wordfence Blog · Jun 11, 2026