CRITICAL SeverityCVSS 3.19.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

CVE-2026-40797

Last updated May 05, 2026 · Published May 05, 2026

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue affects WebinarIgnition: from n/a through 4.08.253.

Affected products

1 listed

Saleswonder LLC:WebinarIgnition

Mappings

CWE

CWE-89

CAPEC

CAPEC-7

Research

SQL InjectionCovers how unsafe query construction enables data theft and database compromise. Provides parameterization and…

Guides

SQL Injection Prevention with PrismaSafe patterns for raw queries and dynamic filters.

Training

Injection TodaySQL, NoSQL, ORM, and LLM injection - what's changed and what hasn't.

CVE-2026-40797

Description

Affected products

Mappings

Related