CVE-2026-6982: Medium Vulnerability in star7th ShowDoc

CVE-2026-6982 is a medium-severity vulnerability identified in star7th ShowDoc versions up to 2.10.10/3.6.2/3.8.0. This vulnerability allows for SQL injection attacks through the API Page Sort Endpoint, specifically by manipulating the argument pages. The attack can be executed remotely, putting organizations at risk of unauthorized data access and manipulation.

The CVSS score of 5.3 indicates the risk associated with this vulnerability as medium. Attackers may leverage this weakness to gain unauthorized access to sensitive data, making it imperative for organizations to address this issue promptly.

Currently, there is no public exploit confirmed for CVE-2026-6982, and the vendor has stated that they will not backport patches to the older affected versions. Therefore, organizations should prioritize patching immediately by upgrading to version 3.8.1 to safeguard against potential attacks.

Failure to upgrade could lead to significant risks, including data breaches and operational disruptions. Organizations are encouraged to evaluate their systems against this vulnerability and implement necessary updates.

Vulnerability Details

The vulnerability in question affects the file server/Application/Api/Controller/PageController.class.PHP used by the star7th ShowDoc component. The specific weakness is classified under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component) and CWE-89 (SQL Injection).

Published on April 25, 2026, this vulnerability is a significant concern for organizations utilizing the affected versions of ShowDoc. The recommendation from the vendor to upgrade to version 3.8.1 is critical to mitigate the associated risks.

Technical Analysis

The root cause of this vulnerability lies in the improper handling of input parameters within the API Page Sort Endpoint, which can lead to SQL injection. The attack vector is the network, and the attack complexity is low, requiring only low privileges to exploit.

There is no user interaction required for the attack to be successful, and the impact on confidentiality, integrity, and availability is classified as low. This means while the potential damage is limited, the threat remains significant due to the ease of exploitation.

Risk & Impact Analysis

Risk to organizations includes unauthorized access to sensitive data and potential operational disruptions. The blast radius of this vulnerability could extend to any organization utilizing the affected versions of ShowDoc.

Considering the CVSS score of 5.3, organizations should address this vulnerability in their priority patch cycle. The low exploitability score indicates that while exploitation is possible, it may not be widespread at present.

As the vendor has indicated that they will not backport patches, organizations using older versions must take immediate action to upgrade to version 3.8.1 to minimize their exposure to potential attacks.

Exploitation Status

Affected Versions

All versions prior to vendor patch 3.8.1 are affected by this vulnerability. Organizations must ensure that they upgrade to this patched version to prevent exploitation.

Mitigation & Remediation

Organizations should upgrade to version 3.8.1 of star7th ShowDoc immediately to address this vulnerability. If an upgrade is not possible, implementing network controls to limit access to the affected API endpoints may provide temporary mitigation.

For further guidance on security testing practices, organizations can explore our penetration testing services.

Detection Guidance

Monitoring logs for unusual database activity, particularly around the API Page Sort Endpoint, is essential. Additionally, organizations should look for behavioral anomalies and implement network signatures to detect potential exploitation attempts.

AppSecure Threat Intelligence Insight

The emergence of CVE-2026-6982 highlights the ongoing risks associated with SQL injection vulnerabilities. Security teams should prioritize regular vulnerability assessments and vulnerability management programs to identify and mitigate such risks proactively.

This incident serves as a reminder of the importance of timely software updates and the risks of neglecting legacy systems. Organizations should also consider implementing robust penetration testing methodologies to uncover vulnerabilities that could be exploited.

Ultimately, organizations must remain vigilant and adapt to the evolving threat landscape to safeguard their assets and data.

Known Exploitation Timeline

No known exploitation exists at this time for CVE-2026-6982.

EPSS Risk Context

The EPSS score for CVE-2026-6982 is 0.000280000, placing it in the 0.08 percentile. This suggests a low probability of exploitation in the near term.