CVE-2026-33078 - Roxy-WI has SQL Injection in haproxy_section_save Endpoint via Unsanitized server_ip Parameter
CVE ID :CVE-2026-33078 Published : April 24, 2026, 3:16 a.m. | 36 minutes ago Description :Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxy_section_save function in app/routes/conf
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Hackers Exploit SS7 and Diameter Flaws to Track Mobile Users Globally
- [CYBER] Ransomware Gang Unveils Custom Data-Theft Tool
- [CYBER] Hackers Impersonate IT Helpdesk Staff to Breach Firms via Microsoft Teams
- [CYBER] Tanzania: Dar es Salaam Leads As 518 People Reportedly Dead During Oct 29 Unrest
- [CYBER] Bitwarden CLI Compromised After Malicious GitHub Actions Workflow
- [CYBER] CVE-2026-41316 - ERB has an @_init deserialization guard bypass via def_module / def_method / def_class