Browse all 5 CVE security advisories affecting sa2blv. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sa2blv primarily develops web applications and APIs for enterprise clients, with a core focus on e-commerce platforms. Historically, the organization has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues across its products. Five CVEs have been recorded, with several involving insufficient input validation and insecure deserialization. While no major public security incidents have been documented, consistent patterns of inadequate sanitization in user-facing components have been observed. The vulnerabilities typically stem from improper handling of user-supplied data and insufficient access controls in administrative interfaces.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27506 | SVXportal <= 2.5 Profile Update Stored XSS — SVXportalCWE-79 | 6.1 | Medium | 2026-02-20 |
| CVE-2026-27505 | SVXportal <= 2.5 admin/user_action.php Stored XSS — SVXportalCWE-79 | 6.1 | Medium | 2026-02-20 |
| CVE-2026-27504 | SVXportal <= 2.5 radiomobile_front.php stationid Reflected XSS — SVXportalCWE-79 | 6.1 | Medium | 2026-02-20 |
| CVE-2026-27503 | SVXportal <= 2.5 admin/log.php Search Reflected XSS — SVXportalCWE-79 | 6.1 | Medium | 2026-02-20 |
| CVE-2026-27502 | SVXportal <= 2.5 log.php Search Reflected XSS — SVXportalCWE-79 | 6.1 | Medium | 2026-02-20 |
This page lists every published CVE security advisory associated with sa2blv. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.