Lucene search
+L

2874 matches found

Nuclei
Nuclei
added yesterday78 views

Complete Online Job Search System 1.0 - SQL Injection

Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=hiring&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

7.2CVSS7.5AI score0.04522EPSS
Exploits1References3
CVE
CVE
added 2 days ago19 views

CVE-2026-7771

Summary (CVE-2026-7771): IBM Db2 is vulnerable to a trap when compiling specially crafted statements containing subqueries, potentially causing a denial of service. Affected are Db2 11.5.0–11.5.9 and 12.1.0–12.1.4 (both Client and Server). Root cause identified as CWE-835 (Loop with Unreachable E...

5.5CVSS5.2AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-45234

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution when jdbc url is under user control...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-43588

SAP HANA Database user self service tools allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts,...

3.7CVSS6.1AI score0.0022EPSS
Exploits0References2
NVD
NVD
added 6 days ago5 views

CVE-2026-57385

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in appsbd Vitepos vitepos-lite allows Blind SQL Injection.This issue affects Vitepos: from n/a through = 3.4.2...

8.5CVSS0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.8 views

PT-2026-56901

Name of the Vulnerable Software and Affected Versions Metabase versions 1.55.0 through 1.58.15.0 Metabase versions 1.59.0 through 1.59.11 Metabase versions 1.60.0 through 1.60.6.2 Metabase versions 1.61.0 through 1.61.1 Description Metabase fails to validate unsafe H2 connection properties during...

9.1CVSS6.4AI score0.00391EPSS
Exploits1References17
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/06 2:58 p.m.7 views

Security Bulletin: IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables (CVE-2025-36372)

Summary IBM® Db2® could disclose sensitive information such as access keys to an authenticated user from the monitoring and event tables. CVE-2025-36372 Vulnerability Details CVEID:CVE-2025-36372 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows...

6.5CVSS5.8AI score0.00303EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/07/04 8:16 a.m.7 views

CVE-2026-14619

A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/07/02 12:17 p.m.10 views

CVE-2026-57756

Contributor SQL Injection in nicen-localize-image = 1.4.9 versions...

8.5CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 12:17 p.m.6 views

CVE-2026-57669

Subscriber Broken Access Control in Advanced Contact form 7 DB = 2.0.9 versions...

6.5CVSS0.0034EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

RHEL 9 : mariadb:10.11 (RHSA-2026:33482)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33482 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server:...

10CVSS6.5AI score0.00998EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2026/06/29 12:26 p.m.5 views

postgresql: PostgreSQL: Arbitrary code execution vulnerability in 'refint' module

A flaw was found in PostgreSQL. A stack buffer overflow in the 'refint' module allows an unprivileged database user to execute arbitrary code as the operating system user running the database. Additionally, a separate vulnerability exists where, if an application uses a user-controlled column as ...

8.8CVSS7.3AI score0.00378EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 12:45 a.m.10 views

EUVD-2026-40017

A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This manipulation of the argument editid causes sql injection. The attack is possible to be carried out remotel...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
OSV
OSV
added 2026/06/23 8:5 p.m.5 views

CVE-2026-53927 NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint axiosRequestMake accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16,...

5.1CVSS5.9AI score0.00282EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/22 1:18 p.m.11 views

EUVD-2025-210299

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation...

6CVSS5.8AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 11:2 a.m.5 views

SUSE-SU-2026:2466-1 Security update for azure-storage-azcopy

This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: - CVE-2025-47907: database/sql: incorrect results returned from Rows.Scan bsc1247720. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...

9.6CVSS6.3AI score0.01557EPSS
Exploits1References12
EUVD
EUVD
added 2026/06/18 2:2 p.m.11 views

EUVD-2026-37895

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35...

8.5CVSS5.6AI score0.00211EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 11:59 a.m.10 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6AI score0.00668EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.33 views

CVE-2026-48967 WordPress Geo Mashup plugin <= 1.13.19 - SQL Injection vulnerability

Subscriber SQL Injection in Geo Mashup = 1.13.19 versions...

8.5CVSS0.00332EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.12 views

EUVD-2026-36950

Unauthenticated SQL Injection in WP Photo Album Plus = 9.1.08.001 versions...

9.3CVSS5.7AI score0.00295EPSS
Exploits0References2
Rows per page
Query Builder