Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.6
Bit Form Software Allows Hackers to Execute Unwanted Database Commands
CVE-2026-25418
Summary
A security issue in Bit Form software allows hackers to potentially inject malicious commands into the database, which can lead to unauthorized access or data theft. This is a serious risk, especially for businesses that store sensitive customer information. To protect your data, update Bit Form to a version higher than 2.21.10 as soon as possible.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bitpressadmin Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a thro...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bitpressadmin Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through <= 2.21.10.
nvd CVSS3.1
7.6
Vulnerability type
CWE-89
SQL Injection
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026