CVE-2026-4234 in SSCMSinfo

Summary

by MITRE • 03/16/2026

A security flaw has been discovered in SSCMS 7.4.0. This vulnerability affects unknown code of the file SitesAddController.Submit.cs of the component DDL Handler. The manipulation of the argument tableHandWrite results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulDB

Disclosure

03/16/2026

Moderation

accepted

Entry

VDB-351157

CPE

ready

CWE

CWE-89 (confirmed)

Exploit

Download

CVSS

6.3 (VulDB)

EPSS

0.00039

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-4234
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-4234
CVE Details	https://www.cvedetails.com/cve/CVE-2026-4234/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!