Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

216346 matches found

Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.4 views

PT-2026-33690

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument bus id leads to sql...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
CVE
CVEadded 2026/04/20 12:0 a.m.7 views

CVE-2026-39111

CVE-2026-39111 concerns an SQL injection vulnerability in the Apartment Visitors Management System V1.1. The flaw is triggered in the forgot-password.php page via the email parameter, allowing an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data. The conn...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/20 12:0 a.m.2 views

CVE-2026-39111

SQL Injection vulnerability in Apartment Visitors Management System Apartment Visitors Management System V1.1 in the email parameter of the forgot password page forgot-password.php. This allows an unauthenticated attacker to manipulate backend SQL queries and retrieve sensitive user data...

5.8AI score0.00294EPSS
Exploits0References3
GithubExploit
GithubExploitadded 2026/04/19 11:38 p.m.86 views

Portswigger_SQLI_LABs_code_review

PortSwigger SQL Injection Labs — Local Docker Recreations Sel...

5.9AI score
Exploits0
EUVD
EUVDadded 2026/04/19 9:30 a.m.4 views

EUVD-2026-23688

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...

7.5CVSS6.8AI score0.00274EPSS
Exploits0References5
NVD
NVDadded 2026/04/19 9:16 a.m.3 views

CVE-2026-6562

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...

7.5CVSS0.00274EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/19 8:15 a.m.7 views

CVE-2026-6562 dameng100 muucmf index.html getListByPage sql injection

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...

7.5CVSS5.6AI score0.00274EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/19 8:15 a.m.38 views

CVE-2026-6562 dameng100 muucmf index.html getListByPage sql injection

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...

7.5CVSS0.00274EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/19 8:15 a.m.2 views

CVE-2026-6562

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...

7.5CVSS6.8AI score0.00274EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/04/19 8:15 a.m.7 views

CVE-2026-6562

CVE-2026-6562 affects dameng100 muucmf 1.9.5.20260309. The vulnerable component is getListByPage in /index/Search/index.html. Manipulating the keyword argument enables SQL injection from remote, with exploit published. Vendor was contacted but did not respond.

7.5CVSS6.8AI score0.00274EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/04/19 12:0 a.m.4 views

PT-2026-33643

Name of the Vulnerable Software and Affected Versions Apache Doris MCP Server versions prior to 0.6.1 Description An improper neutralization flaw in query context handling within the MCP query execution interface may allow the execution of unintended SQL statements. This can lead to the bypass of...

5.3CVSS6AI score0.00655EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/04/19 12:0 a.m.3 views

PT-2026-33620

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...

7.5CVSS6.8AI score0.00274EPSS
Exploits0References5
GithubExploit
GithubExploitadded 2026/04/18 12:58 p.m.100 views

tachyon

Tachyon Tachyon is a Go-based command-line web vulnerability...

5.8AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/04/18 7:22 a.m.2 views

CVE-2026-37343

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/manageuser.php...

7.2CVSS5.8AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/18 7:22 a.m.1 views

CVE-2026-37344

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managelocation.php...

7.2CVSS5.8AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/18 7:22 a.m.4 views

CVE-2026-37340

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/editmusic.php...

9.8CVSS5.8AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/18 7:22 a.m.5 views

CVE-2026-37342

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/viewparkeddetails.php...

7.2CVSS5.8AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/18 7:22 a.m.2 views

CVE-2026-37341

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managecategory.php...

7.2CVSS5.8AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/18 7:22 a.m.3 views

CVE-2026-33084

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the sort parameter of the /de2api/datasetData/enumValueObj endpoint. The DatasetDataManage service layer directly transfers the user-supplied sort value to the...

8.8CVSS5.9AI score0.00328EPSS
Exploits1References1
Snyk
Snykadded 2026/04/18 1:7 a.m.3 views

SQL Injection

Overview dagster-gcp is a Package for GCP-specific Dagster framework op and resource components. Affected versions of this package are vulnerable to SQL Injection via the construction of SQL WHERE clauses in database I/O manager integrations. An attacker can execute arbitrary SQL commands by...

8.7CVSS6.1AI score0.00265EPSS
Exploits1References2
Rows per page
Query Builder