4695 matches found
CVE-2025-26755
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in jgwhite33 WP Airbnb Review Slider wp-airbnb-review-slider allows Blind SQL Injection.This issue affects WP Airbnb Review Slider: from n/a through = 3.9...
CVE-2025-26755
CVE-2025-26755 concerns the WordPress plugin WP Airbnb Review Slider. The vulnerability is an SQL Injection due to improper neutralization of input in the plugin, allowing Blind SQL Injection on versions
CVE-2025-25116
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in sudipto Link to URL / Post link-to-url-post allows Blind SQL Injection.This issue affects Link to URL / Post: from n/a through = 1.3...
CVE-2025-25116
CVE-2025-25116 affects the WordPress plugin Link to URL / Post (versions n/a through 1.3). Root cause: Improper Neutralization of Special Elements used in an SQL Command, enabling Blind SQL Injection. Impact aligns with CVSS v3.1: High overall (7.6), with confidentiality impact High and availabil...
CVE-2025-24587
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nks Email Subscription Popup email-subscribe allows Blind SQL Injection.This issue affects Email Subscription Popup: from n/a through = 1.2.23...
CVE-2025-22347
Cross-Site Request Forgery CSRF vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through = 3.9...
CVE-2022-1376
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEprivgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-1258
A blind SQL injection vulnerability in the ePolicy Orchestrator ePO extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server...
CVE-2022-1375
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in DIAEslogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-1366
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2022-1371
Delta Electronics DIAEnergie All versions prior to 1.8.02.004 has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...
CVE-2024-50332
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Insufficient input value validation causes Blind SQL injection in DeleteRelationShip. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no know...
CVE-2024-50479
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in chenyenming Woocommerce Quote Calculator woo-quote-calculator-order allows Blind SQL Injection.This issue affects Woocommerce Quote Calculator: from n/a through = 1.1...
CVE-2024-50524
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Quý Lê 91 Administrator Z administrator-z allows Blind SQL Injection.This issue affects Administrator Z: from n/a through 2024.10.21...
CVE-2024-49617
Cross-Site Request Forgery CSRF vulnerability in anciwasim Back Link Tracker back-link-tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through = 1.0.0...
CVE-2024-49620
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mrcheck116 FERMA.ru.net ferma-ru-net-checkout allows Blind SQL Injection.This issue affects FERMA.ru.net: from n/a through = 1.3.3...
CVE-2024-49619
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in acespritech Social Link Groups social-link-groups allows Blind SQL Injection.This issue affects Social Link Groups: from n/a through = 1.1.0...
CVE-2024-49615
Cross-Site Request Forgery CSRF vulnerability in Henrique Rodrigues SafetyForms safetymails-forms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through = 1.0.0...
CVE-2024-49618
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jordan Lyall MyTweetLinks mytweetlinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through = 1.1.1...
CVE-2024-51625
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in edckwt Quran Shortcode quran-shortcode allows Blind SQL Injection.This issue affects Quran Shortcode: from n/a through = 1.5...