Vendor
Slah
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-30995 | Hig | 0.56 | 8.6 | 0.00 | Apr 15, 2026 | Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereador_ver.php endpoint. | |
| CVE-2026-30994 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2026 | Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials. |
- risk 0.56cvss 8.6epss 0.00
Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerability via the id parameter in the vereador_ver.php endpoint.
- risk 0.49cvss 7.5epss 0.00
Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials.