CVE-2026-7435 - SSCMS v7.4.0 SQL Injection via stl:sqlContent queryString

CVE ID :CVE-2026-7435 Published : April 30, 2026, 8:09 p.m. | 33 minutes ago Description :SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization or sanitization. Attackers c