LeakyCreds
NewInstant webhook alerts now available ā€” notified within seconds of any credential detection.Learn more ā†’
Home / Vulnerability Intelligence / CVE-2026-32368

CVE-2026-32368 - Vulnerability Analysis

HighCVSS: 8.5

Last Updated: March 13, 2026

delphiknight Geo to Lat - SQL Injection

Published: March 13, 2026Updated: March 13, 2026Remote Exploitable

Overview

delphiknight Geo to Lat <= 1.0.19 contains a sql injection caused by improper neutralization of special elements in SQL commands, letting attackers perform blind SQL injection remotely, exploit requires crafted input.

Severity & Score

Severity: High
CVSS Score: 8.5
EPSS Score: 2.1%(Probability of exploitation in next 30 days)

Impact

Attackers can perform blind SQL injection to extract or manipulate database information.

Mitigation

Update to the latest version beyond 1.0.19.

References

Social Media Activity(4 posts)

TheHackerWire
TheHackerWire
@thehackerwire
Mar 13, 2026

šŸŸ  CVE-2026-32368 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through <= 1.0.19. šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-32368/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Mar 13, 2026

šŸŸ  CVE-2026-32368 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through <= 1.0.19. šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-32368/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Mar 13, 2026

šŸŸ  CVE-2026-32368 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through <= 1.0.19. šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-32368/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post
TheHackerWire
TheHackerWire
@thehackerwire
Mar 13, 2026

šŸŸ  CVE-2026-32368 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through <= 1.0.19. šŸ”— https://www.thehackerwire.com/vulnerability/CVE-2026-32368/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID
CVE-2026-32368
Severity
High
CVSS Score
8.5
Type
sql_injection
Status
new
EPSS
2.1%
Social Posts
4

CWE

  • CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

EPSS Score

2.1%Probability of exploitation in the next 30 days