216697 matches found
WordPress plugin Lumise Product Designer SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...
Code-Projects Simple Laundry System SQL注入漏洞
Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of the code-projects Simple Laundry System contains a SQL...
WordPress plugin JS Help Desk 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-4778
A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...
CVE-2026-4779
A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file updatecustomerdetails.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection. The attack can b...
CVE-2026-4781 SourceCodester Sales and Inventory System HTTP GET Parameter update_purchase.php sql injection
A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may be performed from...
CVE-2026-4781 SourceCodester Sales and Inventory System HTTP GET Parameter update_purchase.php sql injection
A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php of the component HTTP GET Parameter Handler. Executing a manipulation of the argument sid can lead to sql injection. The attack may be performed from...
CVE-2026-4781
CVE-2026-4781 affects SourceCodester Sales and Inventory System 1.0, specifically the update_purchase.php file’s HTTP GET parameter sid. The root cause is manipulation of sid leading to SQL injection, enabling remote exploitation. Multiple sources confirm the flaw and indicate an exploit has been...
CVE-2026-4780
CVE-2026-4780 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is in the HTTP GET Parameter Handler of the file update_out_standing.php, where manipulating the sid argument enables a SQL injection. This can be carried out remotely, and public exploits exist. Multiple sourc...
CVE-2026-4780 SourceCodester Sales and Inventory System HTTP GET Parameter update_out_standing.php sql injection
A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file updateoutstanding.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...
CVE-2026-4780
A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file updateoutstanding.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...
CVE-2026-4779 SourceCodester Sales and Inventory System HTTP GET Parameter update_customer_details.php sql injection
A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file updatecustomerdetails.php of the component HTTP GET Parameter Handler. Such manipulation of the argument sid leads to sql injection. The attack can b...
CVE-2026-4778 SourceCodester Sales and Inventory System HTTP GET Parameter update_category.php sql injection
A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...
CVE-2026-4778 SourceCodester Sales and Inventory System HTTP GET Parameter update_category.php sql injection
A weakness has been identified in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file updatecategory.php of the component HTTP GET Parameter Handler. This manipulation of the argument sid causes sql injection. Remote exploitation of the attack is...
CVE-2026-4778
SourceCodester Sales and Inventory System 1.0 contains a SQL injection in update_category.php via manipulation of the HTTP GET parameter sid. This affects the code path handling the sid in update_category.php, enabling remote exploitation. The vulnerability is exploitable remotely with public PoC...
CVE-2026-4777
A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file viewsupplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...
CVE-2026-4777
A security flaw has been discovered in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file viewsupplier.php of the component POST Parameter Handler. The manipulation of the argument searchtxt results in sql injection. The attack may be launched remotely. The...
CVE-2026-4777
CVE-2026-4777 affects SourceCodester Sales and Inventory System 1.0, specifically the POST Parameter Handler’s file view_supplier.php. The vulnerability arises from manipulating the searchtxt argument, enabling SQL injection. The issue can be exploited remotely and, according to the sources, the ...
CVE-2026-23921
A flaw was found in Zabbix. A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in the API service. This vulnerability allows an attacker to execute arbitrary SQL selects and exfiltrate sensitive database data through time-based techniques. This could...
SQL Injection
Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to SQL Injecti...