CVE-2025-22953

A SQL injection vulnerability exists in Epicor HCM 2021 1.9, with patches available: 5.16.0.1033/HCM2022, 5.17.0.1146/HCM2023, and 5.18.0.573/HCM2024. The injection is specifically in the filter parameter of the JsonFetcher.svc endpoint. An attacker can exploit this vulnerability by injecting...

CVE-2024-10901

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/chart/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file...

CVE-2024-10835

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the...

CVE-2024-10835

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the...

CVE-2024-10901

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/chart/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file...

CVE-2024-10901

CVE-2024-10901 affects eosphoros-ai/db-gpt. In v0.6.0 (and earlier per OSV entry), the web API POST /api/v1/editor/chart/run allows executing arbitrary SQL without access controls, enabling Arbitrary File Write and potentially Remote Code Execution by writing files such as init .py into Python’s ...

CVE-2024-10835

CVE-2024-10835 affects eosphoros-ai/db-gpt v0.6.0. The web API endpoint POST /api/v1/editor/sql/run allows executing arbitrary SQL without access control, enabling Arbitrary File Write via DuckDB SQL and potentially Remote Code Execution (RCE). Affected component: DB-GPT web API handler for edito...

MENNEKES Ladesäule Smart SQL注入漏洞

MENNEKES Ladesäule Smart is a smart charging post from MENNEKES. A SQL injection vulnerability exists in MENNEKES Ladesäule Smart versions prior to 2.15, which stems from an insufficient value neutralization and could lead to the execution of arbitrary SQL commands...

CVE-2024-33807

A SQL injection vulnerability in /model/getteachertimetable.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter...

CVE-2024-35361

MTab Bookmark v1.9.5 has an SQL injection vulnerability in /LinkStore/getIcon. An attacker can execute arbitrary SQL statements through this vulnerability without requiring any user rights...

CVE-2025-22992

CVE-2025-22992 affects Emoncms (version 11.6.9 and later) via SQL Injection in the /feed/insert.json endpoint. The vulnerability stems from improper handling of user-supplied input in the data query parameter, enabling attackers to execute arbitrary SQL commands under specific conditions. Reporte...

CVE-2022-48603

A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

CVE-2022-48601

A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

CVE-2022-48585

A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...

CVE-2024-32655

Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...

CVE-2025-22700

CVE-2025-22700 : WordPress Traveler Code plugin up to 3.1.1 contains an SQL injection due to improper neutralization of input elements, enabling authenticated subscribers to execute arbitrary SQL. The issue affects Traveler Code versions up to 3.1.1 and has a high impact (per CVSS 3.1 score 8.5)....

EasyVirt DC Scope和EasyVirt CO2 Scope 安全漏洞

EasyVirt DC Scope and EasyVirt CO2 Scope are both products of the French company EasyVirt.EasyVirt DC Scope is a monitoring and management solution for VMware Virtualization VMware.EasyVirt CO2 Scope is a real-time monitoring and control solution for IT services, virtual machines and servers in...

Amazon Linux 2 : postgresql (ALAS-2025-2733)

The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2733 advisory. Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL...

CVE-2024-11773

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements...

Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed vulnerabilities in SQL Server. A malicious person could exploit the vulnerabilities to execute arbitrary SQL code on the database environment. With the exception of the vulnerabilities marked CVE-2024-49021 and CVE-2024-49043, the vulnerabilities are in the SQL Native Client...