Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
User Feedback software vulnerable to hacking through user input
CVE-2026-39475
Summary
A serious security flaw in User Feedback software allows attackers to access sensitive data by manipulating user input. This could lead to unauthorized access to user information and potentially compromise the security of the system. To protect your data, update to a version of User Feedback that fixes this issue as soon as possible.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User ...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through <= 1.10.1.
Vulnerability type
CWE-89
SQL Injection
Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026