Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 18 May 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sat, 16 May 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send POST requests to /search.php with malicious search_query values using CASE WHEN statements to extract sensitive database information. | |
| Title | LayerBB 1.1.4 SQL Injection via search_query Parameter | |
| First Time appeared |
Layerbb
Layerbb layerbb |
|
| Weaknesses | CWE-89 | |
| CPEs | cpe:2.3:a:layerbb:layerbb:1.0.4:*:*:*:*:*:*:* cpe:2.3:a:layerbb:layerbb:1.0.5:*:*:*:*:*:*:* cpe:2.3:a:layerbb:layerbb:1.0.6:*:*:*:*:*:*:* cpe:2.3:a:layerbb:layerbb:1.1.0:*:*:*:*:*:*:* cpe:2.3:a:layerbb:layerbb:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:layerbb:layerbb:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:layerbb:layerbb:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:layerbb:layerbb:1.1.4:*:*:*:*:*:*:* |
|
| Vendors & Products |
Layerbb
Layerbb layerbb |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-05-18T18:48:00.928Z
Reserved: 2026-02-01T11:24:18.720Z
Link: CVE-2021-47954
Updated: 2026-05-18T18:47:46.658Z
Status : Deferred
Published: 2026-05-16T16:16:21.650
Modified: 2026-06-17T04:18:49.410
Link: CVE-2021-47954
No data.
OpenCVE Enrichment
Updated: 2026-05-16T17:00:13Z