Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
CVE-2026-42773: eMagicOne Store Manager SQL Injection Risk: Unauthorised Data Access
CVE-2026-42773
Summary
The eMagicOne Store Manager has a security flaw that could allow an attacker to access data they shouldn't. This could happen if an attacker sends malicious input to the software, potentially leading to unauthorised data access. Update to a fixed version of the software to mitigate this risk.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection.
This issue affects eMagicOne Sto...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection.
This issue affects eMagicOne Store Manager: from n/a through 1.3.2.
This issue affects eMagicOne Store Manager: from n/a through 1.3.2.
nvd CVSS3.1
9.3
Vulnerability type
CWE-89
SQL Injection
Published: 25 May 2026 · Updated: 1 Jun 2026 · First seen: 26 May 2026