CVE-2026-37505
MEDIUMv2board < 1.7.4 - Authenticated SQL Injection via ORDER BY Clause
Title source: llmDescription
SQL Injection via ORDER BY clause in V2Board thru 1.7.4. In app/Http/Controllers/Admin/UserController.php, the sort parameter from user input is passed directly to User::orderBy($sort, $sortType) without validation. An authenticated admin can sort users by any database column including password, remember_token, and other sensitive fields, enabling information disclosure through ordering analysis.
References (2)
Core 2
Scores
CVSS v3
4.9
EPSS
0.0024
EPSS Percentile
15.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-89
Status
published
Products (1)
v2board/v2board
< 1.7.4
Published
May 01, 2026
Tracked Since
May 01, 2026