Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4695 matches found

Positive Technologies
Positive Technologiesadded 2026/04/15 12:0 a.m.6 views

PT-2026-33046

Name of the Vulnerable Software and Affected Versions Beaver Builder versions prior to 2.10.1.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data directl...

8.5CVSS5.9AI score0.0022EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/14 12:6 a.m.4 views

EUVD-2026-22077

Craft Commerce hasVariant/hasProduct Blind SQL Injection...

8.7CVSS5.9AI score0.00304EPSS
Exploits0References5
CVE
CVEadded 2026/04/14 12:0 a.m.7 views

CVE-2025-65135

CVE-2025-65135 affects manikandan580 School-management-system 1.0. The issue is a time-based blind SQL injection in /studentms/admin/between-date-reprtsdetails.php exploitable via the fromdate POST parameter. According to the data, the vulnerability has CVSS v3.1: Critical (Base Score 9.8) with n...

9.8CVSS5.9AI score0.00285EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/04/14 12:0 a.m.4 views

PT-2026-32659

CVE-2025-65135 In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fr… https://t.co/otOrMUqUKm...

9.8CVSS5.8AI score0.00285EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/04/13 8:25 p.m.1 views

CVE-2026-32272 Craft Commerce: Blind SQL Injection via hasVariant/hasProduct

Craft Commerce is an ecommerce platform for Craft CMS. In versions 5.0.0 through 5.5.4, an SQL injection vulnerability exists where the ProductQuery::hasVariant and VariantQuery::hasProduct properties bypass the input sanitization blocklist added to ElementIndexesController in a prior security fi...

8.7CVSS6AI score0.00304EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/04/13 7:24 p.m.2 views

CVE-2026-39466

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind SQL Injection.This issue affects Broken Link Checker: from n/a through = 2.4.7...

7.6CVSS5.9AI score0.00279EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2026/04/13 12:32 a.m.77 views

blind-sqli-lab

🔬 Blind SQL Injection Lab — Time-Based PostgreSQL + FastAPI...

6AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/04/10 7:23 p.m.4 views

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

7.6CVSS5.9AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/10 7:23 p.m.3 views

CVE-2026-39487

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ameliabooking Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through = 2.1.1...

7.6CVSS5.9AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/10 7:22 p.m.8 views

CVE-2026-39495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

8.5CVSS5.9AI score0.00253EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/08 9:31 a.m.5 views

EUVD-2026-20160

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

5.9AI score0.00253EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/08 9:31 a.m.6 views

EUVD-2026-20164

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

5.9AI score0.00279EPSS
Exploits0References2
NVD
NVDadded 2026/04/08 9:16 a.m.5 views

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

7.6CVSS0.00279EPSS
Exploits0References1
NVD
NVDadded 2026/04/08 9:16 a.m.6 views

CVE-2026-39486

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...

8.5CVSS0.00256EPSS
Exploits0References1
NVD
NVDadded 2026/04/08 9:16 a.m.0 views

CVE-2026-39496

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce YayMail yaymail allows Blind SQL Injection.This issue affects YayMail: from n/a through = 4.3.3...

7.6CVSS0.00279EPSS
Exploits0References1
NVD
NVDadded 2026/04/08 9:16 a.m.4 views

CVE-2026-39479

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brainstorm Force OttoKit suretriggers allows Blind SQL Injection.This issue affects OttoKit: from n/a through = 1.1.20...

7.6CVSS0.00279EPSS
Exploits0References1
NVD
NVDadded 2026/04/08 9:16 a.m.2 views

CVE-2026-39475

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through = 1.10.1...

8.5CVSS0.00264EPSS
Exploits0References1
NVD
NVDadded 2026/04/08 9:16 a.m.2 views

CVE-2026-39466

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind SQL Injection.This issue affects Broken Link Checker: from n/a through = 2.4.7...

7.6CVSS0.00279EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/08 8:30 a.m.3 views

CVE-2026-39495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

5.9AI score0.00253EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/08 8:30 a.m.4 views

CVE-2026-39495 WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

8.5CVSS5.9AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder