Lucene search
K

216697 matches found

CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

WordPress plugin Lumise Product Designer SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...

9.3CVSS5.9AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

Code-Projects Simple Laundry System SQL注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of the code-projects Simple Laundry System contains a SQL...

9.8CVSS7.2AI score0.00333EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin JS Help Desk 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.5CVSS5.9AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/03/24 11:17 p.m.2 views

CVE-2026-4778

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...

6.5CVSS0.00303EPSS
Exploits1References5
NVD
NVD
added 2026/03/24 11:17 p.m.3 views

CVE-2026-4779

A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file updatecustomerdetails.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection. The attack can b...

8.8CVSS0.00361EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/24 11:11 p.m.24 views

CVE-2026-4781 SourceCodester Sales and Inventory System HTTP GET Parameter update_purchase.php sql injection

A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may be performed from...

6.5CVSS0.00295EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/24 11:11 p.m.7 views

CVE-2026-4781 SourceCodester Sales and Inventory System HTTP GET Parameter update_purchase.php sql injection

A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may be performed from...

6.5CVSS6.4AI score0.00295EPSS
Exploits1References5
CVE
CVE
added 2026/03/24 11:11 p.m.9 views

CVE-2026-4781

CVE-2026-4781 affects SourceCodester Sales and Inventory System 1.0, specifically the update_purchase.php file’s HTTP GET parameter sid. The root cause is manipulation of sid leading to SQL injection, enabling remote exploitation. Multiple sources confirm the flaw and indicate an exploit has been...

8.8CVSS6.4AI score0.00295EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/03/24 11:11 p.m.8 views

CVE-2026-4780

CVE-2026-4780 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is in the HTTP GET Parameter Handler of the file update_out_standing.php, where manipulating the sid argument enables a SQL injection. This can be carried out remotely, and public exploits exist. Multiple sourc...

8.8CVSS6.4AI score0.00295EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/24 11:11 p.m.26 views

CVE-2026-4780 SourceCodester Sales and Inventory System HTTP GET Parameter update_out_standing.php sql injection

A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file updateoutstanding.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...

6.5CVSS0.00295EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/24 11:11 p.m.4 views

CVE-2026-4780

A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file updateoutstanding.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...

6.5CVSS6.4AI score0.00295EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/24 10:22 p.m.20 views

CVE-2026-4779 SourceCodester Sales and Inventory System HTTP GET Parameter update_customer_details.php sql injection

A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file updatecustomerdetails.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection. The attack can b...

6.5CVSS0.00361EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/24 10:22 p.m.22 views

CVE-2026-4778 SourceCodester Sales and Inventory System HTTP GET Parameter update_category.php sql injection

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...

6.5CVSS0.00303EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/24 10:22 p.m.6 views

CVE-2026-4778 SourceCodester Sales and Inventory System HTTP GET Parameter update_category.php sql injection

A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...

6.5CVSS6.4AI score0.00303EPSS
Exploits1References5
CVE
CVE
added 2026/03/24 10:22 p.m.11 views

CVE-2026-4778

SourceCodester Sales and Inventory System 1.0 contains a SQL injection in update_category.php via manipulation of the HTTP GET parameter sid. This affects the code path handling the sid in update_category.php, enabling remote exploitation. The vulnerability is exploitable remotely with public PoC...

6.5CVSS6.4AI score0.00303EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/03/24 10:16 p.m.4 views

CVE-2026-4777

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file viewsupplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...

6.5CVSS0.00245EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/24 9:42 p.m.2 views

CVE-2026-4777

A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file viewsupplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...

6.5CVSS6.5AI score0.00245EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/03/24 9:42 p.m.12 views

CVE-2026-4777

CVE-2026-4777 affects SourceCodester Sales and Inventory System 1.0, specifically the POST Parameter Handler’s file view_supplier.php. The vulnerability arises from manipulating the searchtxt argument, enabling SQL injection. The issue can be exploited remotely and, according to the sources, the ...

6.5CVSS5.7AI score0.00245EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/24 8:26 p.m.3 views

CVE-2026-23921

A flaw was found in Zabbix. A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in the API service. This vulnerability allows an attacker to execute arbitrary SQL selects and exfiltrate sensitive database data through time-based techniques. This could...

8.7CVSS6AI score0.0024EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/24 7:23 p.m.4 views

SQL Injection

Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to SQL Injecti...

6.5CVSS6AI score0.00276EPSS
Exploits1References2
Rows per page
Query Builder