CVE-2026-43937

Published: Mag 12, 2026 Last Modified: Mag 12, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 8,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5, Any admin OnPost… handler executes its side effects before the ResultFilterAttribute rewrites the response to a 302 to /Info/4. The most impactful abuse is /Admin/RunSql, whose OnPostRunQuery binds Editor from the POST body and passes it straight to IDbAccess.RunSql with no caller check, yielding arbitrary SQL execution for any low-privileged user. This vulnerability is fixed in 4.0.5.

89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Availability Authentication Access Control
Potential Impacts:
Execute Unauthorized Code Or Commands Read Application Data Gain Privileges Or Assume Identity Bypass Protection Mechanism Modify Application Data
Applicable Platforms
Languages: Not Language-Specific, SQL
Technologies: Database Server
Likelihood of Exploit: High
View CWE Details
841

Improper Enforcement of Behavioral Workflow

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Other
Potential Impacts:
Alter Execution Logic
Applicable Platforms
All platforms may be affected
View CWE Details
https://github.com/YAFNET/YAFNET/security/advisories/GHSA-x…
https://github.com/YAFNET/YAFNET/security/advisories/GHSA-xhw7-j96h-c3g5
https://github.com/YAFNET/YAFNET/security/advisories/GHSA-x…
https://github.com/YAFNET/YAFNET/security/advisories/GHSA-xhw7-j96h-c3g5