Vulnerability Details CVE-2026-30655
SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remote attackers to gain unauthorized access to sensitive information via the cpfcnpj parameter in /reset/index.php
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 40.2%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-30655
-
cpe:2.3:a:esiclivre:esiclivre:0.1.0
-
cpe:2.3:a:esiclivre:esiclivre:0.2.0
-
cpe:2.3:a:esiclivre:esiclivre:0.2.1
-
cpe:2.3:a:esiclivre:esiclivre:0.2.2