EUVD-2025-8747

Malicious code in bioql PyPI...

CVE-2025-31559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Caspio Bridge Custom Database Applications by Caspio custom-database-applications-by-caspio allows DOM-Based XSS.This issue affects Custom Database Applications by Caspio: from n/a through = 2.1...

WordPress Custom Database Applications by Caspio plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Custom Database Applications by Caspio versions = 2.1...

CVE-2025-31559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Caspio Bridge Custom Database Applications by Caspio custom-database-applications-by-caspio allows DOM-Based XSS.This issue affects Custom Database Applications by Caspio: from n/a through = 2.1...

CVE-2025-31559 WordPress Custom Database Applications by Caspio plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Caspio Bridge Custom Database Applications by Caspio custom-database-applications-by-caspio allows DOM-Based XSS.This issue affects Custom Database Applications by Caspio: from n/a through = 2.1...

Elite Graphix Elite Cms SQL注入漏洞

Elite Graphix Elite Cms is a Web Content Management written in Php language by Elite Graphix India. A platform for storing and organizing information and documents. Elite Graphix Elite Cms suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...

PgBouncer 信任管理问题漏洞

PgBouncer is an open source lightweight connection pool for PostgreSql from the PgBouncer community. A vulnerability with trust management issues exists in PgBouncer. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker...

Sourcecodester Simple College Website SQL Injection Vulnerability (CNVD-2021-95934)

Sourcecodester Simple College Website is a content management system from Sourcecodester. Sourcecodester Simple College Website suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications, which can be exploit...

HGiga MailSherlock SQL Injection Vulnerability (CNVD-2021-25618)

Hgiga MailSherlock is a set of enterprise mail audit system from Henderson Hgiga, China. HGiga MailSherlock suffers from a SQL injection vulnerability, which stems from the lack of validation of externally entered SQL statements in database-based applications, and can be exploited by an attacker ...

PHPSHE SQL Injection Vulnerability (CNVD-2021-14156)

PHPSHE is a set of online shopping mall system of China Lingbao Jane Hao Network Technology PHPSHE Company. The system supports express tracking, online chat, order evaluation and statistics and other functions. A SQL injection vulnerability exists in PHPSHE, which stems from the lack of validati...

PNPSCADA SQL Injection Vulnerability

A SQL injection vulnerability exists in PNPSCADA that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL commands...

ConnectWise Automate SQL Injection Vulnerability

ConnectWise Automate is a cloud-based, local IT automation solution from ConnectWise USA. The product supports content management, file sharing, IT asset tracking and management, and more. A SQL injection vulnerability exists in Connectwise Automate versions prior to 2020.7 and prior to 2019.12...

odata4j sql injection vulnerability (CNVD-2020-24024)

odata4j is a new open source toolkit. A SQL injection vulnerability exists in odata4j version 0.7.0. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the vulnerability to execute illegal SQL commands...

imcat SQL Injection Vulnerability

imcat is a PHP-based open source website building system . SQL injection vulnerability exists in imcat version 4.9, the vulnerability stems from the lack of validation of external input SQL statements in database-based applications, which can be exploited by attackers to execute illegal SQL...

Omnis Studio 2.4 - Weak Database Field Encryption

Omnis Studio 2.4 - Weak Database Field Encryption source: https://www.securityfocus.com/bid/1255/info Omnis Studio 2.4 is a development tool for creating database applications. The tool gives developers the option to encrypt database entries. However, the encryption scheme used is weak and easily...