Share
## https://sploitus.com/exploit?id=PACKETSTORM:217738
# CVE-2026-30655 โ€” SQL Injection in esiclivre (password reset)
    
    ## Summary
    A SQL injection vulnerability exists in the password reset endpoint of esiclivre. An unauthenticated attacker can inject SQL via the `cpfcnpj` POST parameter, potentially resulting in unauthorized access to sensitive information.
    
    ## Affected Project
    - Repository: https://github.com/esiclivre/esiclivre
    - Affected versions: v0.2.2 and earlier
    - Affected commit: up to and including 0a72b4c9ab89244ec3bd3d7fa0b765850cc9afd7
    
    ## Technical Details
    - Endpoint: `POST /reset/index.php`
    - Parameter: `cpfcnpj`
    - Root cause: user input is concatenated into a SQL query in `Solicitante::resetaSenha()` without parameterization.
    
    ## Impact
    - Potential unauthorized access to sensitive database information (information disclosure).
    
    ## Mitigation / Fix
    No upstream fix is available at the time of publication.
    Recommended remediation:
    - Use parameterized queries (prepared statements) for database access.
    - Validate and sanitize user input.
    - Consider temporarily restricting access to the password reset endpoint until patched.
    
    ## Timeline
    - 2025-04-12: Reported to vendor/maintainers
    - 2026-02-09: CVE request submitted
    - 2026-03-23: CVE-2026-30655 assigned
    
    ## Credits
    Discovered by Bryan Romero (https://github.com/brynax).