Sunbird Power IQ SQL Injection Vulnerability in API
Vulnerability
A SQL injection vulnerability has been identified in the Sunbird Power IQ API version 9.2.0. It arises from an outdated API endpoint that improperly handles input arrays, allowing attackers to manipulate SQL queries. The issue is resolved in Power IQ version 9.2.1, which includes an updated API that ensures safe input handling.
Impact
Exploitation of this vulnerability allows for error-based SQL injection, where an attacker can manipulate SQL queries and potentially access or modify database information.
Remediation
Users can upgrade to Sunbird Power IQ version 9.2.1 to address this vulnerability.
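The class of flaw described above (array input reaching a SQL query, with database errors returned to the caller) is shown here as an added example beside a hardened form; it is not Sunbird's code. The table, function names and the use of SQLite are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed schema and rows; not Power IQ's real data model.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE outlets (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO outlets VALUES (?, ?)",
                   [(1, "rack-a-1"), (2, "rack-a-2"), (3, "rack-b-1")])
    return db

def lookup_unsafe(db, ids):
    """'Before' pattern: array elements are joined straight into the SQL text."""
    sql = ("SELECT id, name FROM outlets WHERE id IN (%s) ORDER BY id"
           % ", ".join(ids))
    try:
        return {"rows": db.execute(sql).fetchall()}
    except sqlite3.Error as exc:
        # Echoing database error text to the client is what makes
        # an injection "error-based".
        return {"error": str(exc)}

def lookup_safe(db, ids, max_items=100):
    """Hardened pattern: validate every element, bind each one as a parameter."""
    if not isinstance(ids, list) or not 0 < len(ids) <= max_items:
        return {"error": "invalid request"}
    try:
        # Nested arrays, objects and non-numeric strings all fail here.
        clean = [int(str(i), 10) for i in ids]
    except ValueError:
        return {"error": "invalid request"}
    placeholders = ", ".join("?" for _ in clean)
    sql = f"SELECT id, name FROM outlets WHERE id IN ({placeholders}) ORDER BY id"
    try:
        return {"rows": db.execute(sql, clean).fetchall()}
    except sqlite3.Error:
        # Generic message to the client; details belong in server-side logs.
        return {"error": "internal error"}

def demo():
    db = make_db()
    malformed = ["1", "'"]  # constructed input: a stray quote in one element
    return lookup_unsafe(db, malformed), lookup_safe(db, malformed)

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The unsafe function returns the database's own parser error for the malformed array, while the hardened one rejects it before any SQL is built.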
