SQL Injection Vulnerability in sergomanov SmartHomeAdatum Login Component
CVE-2026-15498

6.9MEDIUM

Key Information:

Vendor

Sergomanov

Vendor
CVE Published:
12 July 2026

What is CVE-2026-15498?

A SQL injection vulnerability exists in the Login component of sergomanov SmartHomeAdatum, specifically within the users.php file. This flaw allows attackers to manipulate input parameters, potentially compromising user data. The vulnerability can be exploited remotely, making it critical for users to ensure their systems are secured against potential exploitation. The product operates on a rolling release model, thus versioning details are not traditionally documented, highlighting a need for continuous vigilance regarding updates.

Affected Version(s)

SmartHomeAdatum cf495353d81b680675eb8d9aa14a318aa45ce12c

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Dest1ny_2 (VulDB User)
VulDB CNA Team
.