THREATNOIR
Subscribe
Back to Feed
Zero-dayMay 5, 2026

‼️🇫🇷 A threat actor is offering for sale an unpatched Boolean-based blind SQL injection vulnera...

Threat actor selling unpatched SQL injection vulnerability in French government website.

Read at source

Summary

A threat actor is offering an unpatched Boolean-based blind SQL injection vulnerability for sale that targets a high-traffic French government website. The vulnerability affects a POST parameter and enables full database enumeration, potentially exposing user credentials and personally identifiable information. The disclosure suggests active exploitation risk and supply-side vulnerability trading.

Entities

Unknown threat actor (vulnerability seller) (threat_actor)SQL injection (technology)