CVE-2026-4580 code-projects Simple Laundry System Parameters checkupdatestatus.php sql injection

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /checkupdatestatus.php of the component Parameters Handler. The manipulation of the argument serviceId results in sql injection. The attack can be executed remotely. The...

CVE-2025-58993

CVE-2025-58993 affects the WordPress Tutor LMS plugin (Themeum Tutor LMS) up to version 3.7.4. It is a SQL Injection vulnerability caused by improper neutralization of input in SQL queries. CVSS v3.1 base score 7.6 (HIGH) with network attack vector, no user interaction, and high confidentiality i...

YouDianCMS SQL注入漏洞

YouDianCMS is a website CMS. YoudianCMS version v9.5.0 suffers from a SQL injection vulnerability, which originates from the id parameter at /App/Lib/Action/Admin/SiteAction.class.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

WordPress InLinks Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site.InLinks plugin is one of the link creation plugin. A SQL injection vulnerability exists in WordPress InLinks plugin...

SQL Injection Vulnerability in UFIDA Financials /target/services/userInfoWeb?wsdl Page

UFIDA Financials is a financial management software. A SQL injection vulnerability exists in the UFIDA Financial System /target/services/userInfoWeb?wsdl page. An attacker can exploit the vulnerability to obtain database information...