4695 matches found
CVE-2020-37004 Ultimate Project Manager CRM PRO 2.0.5 - SQLi Credentials Leakage
The Ultimate Project Manager CRM PRO version 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract usernames and password hashes from the tblusers database table. Attackers can exploit the /frontend/getarticlesuggestion/ endpoint by crafting malicious search paramete...
CVE-2020-36972
SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'idpost' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare...
SQLi
SQL Injection CTF Challenge - Quick Start Guide Files Over...
CVE-2020-36951
Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers to manipulate database queries through the 'id' parameter. Attackers can exploit this vulnerability by crafting malicious payloads that trigger time delays, enabling them to...
CVE-2020-36951 Phpscript-sgh 0.1.0 - Time Based Blind SQL Injection
Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers to manipulate database queries through the 'id' parameter. Attackers can exploit this vulnerability by crafting malicious payloads that trigger time delays, enabling them to...
CVE-2020-36951
Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers to manipulate database queries through the 'id' parameter. Attackers can exploit this vulnerability by crafting malicious payloads that trigger time delays, enabling them to...
CVE-2026-24572
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through = 4.2.0...
CVE-2025-49055
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-68999
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...
CVE-2026-24367
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.8...
CVE-2026-24572
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through = 4.2.0...
CVE-2026-24624
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in saeros1984 Neoforum neoforum allows Blind SQL Injection.This issue affects Neoforum: from n/a through = 1.0...
CVE-2026-24624 WordPress Neoforum plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in saeros1984 Neoforum neoforum allows Blind SQL Injection.This issue affects Neoforum: from n/a through = 1.0...
CVE-2026-24572
CVE-2026-24572 is an SQL injection vulnerability in Nelio Content (WordPress plugin) that allows blind SQL injection through improper neutralization of input. Public details confirm the issue affects Nelio Content versions up to and including 4.1.0. Root cause per linked sources is improper sanit...
CVE-2026-24572
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through = 4.1.0...
CVE-2026-24572 WordPress Nelio Content plugin <= 4.2.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through = 4.2.0...
CVE-2021-47872
SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php page that allows authenticated attackers to manipulate database queries through the 'ordercol' parameter. Attackers can use sqlmap to exploit the vulnerability and extract database information by...
CVE-2026-24367
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.8...
CVE-2026-22470
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FireStorm Plugins FireStorm Professional Real Estate fs-real-estate-plugin allows Blind SQL Injection.This issue affects FireStorm Professional Real Estate: from n/a through = 2.7.11...
CVE-2025-68999
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Blind SQL Injection.This issue affects Happy Addons for Elementor: from n/a through = 3.20.4...