EUVD-2026-0005

CWE-89 Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'...

CVE-2023-36525

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPJobBoard allows Blind SQL Injection.This issue affects WPJobBoard: from n/a through 5.9.0...

EUVD-2023-40474

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPJobBoard allows Blind SQL Injection.This issue affects WPJobBoard: from n/a through 5.9.0...

WordPress plugin User Feedback 安全漏洞

WordPress User Feedback plugin is a tool designed for WordPress websites to create and manage user feedback forms, surveys and contact forms. WordPress User Feedback plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL...

PT-2025-53258

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Blind SQL Injection.This issue affects Captivate Sync: from n/a through = 3.2.2...

CVE-2025-68561

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ruben Garcia AutomatorWP automatorwp allows SQL Injection.This issue affects AutomatorWP: from n/a through = 5.2.4...

GO-2025-4243 Libredesk has Improper Neutralization of HTML Tags in a Web Page in github.com/abhinavxd/libredesk

Libredesk has Improper Neutralization of HTML Tags in a Web Page in github.com/abhinavxd/libredesk...

EUVD-2025-204041

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bob Hostel hostel allows Reflected XSS.This issue affects Hostel: from n/a through = 1.1.5.9...

WordPress plugin Traveler 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

Improper Neutralization Of Special Elements

ESAPI esapi-java-legacy is vulnerable to an Improper Neutralization of Special Elements. The vulnerability is due to insufficient sanitization in the Encoder.encodeForSQL interface, where the SQL encoding logic fails to properly neutralize special characters, resulting in incomplete protection an...

CVE-2025-68055

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through = 1.1.32...

CVE-2025-68053

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...

CVE-2025-62847 QTS, QuTS hero

An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS...

WordPress plugin LBG Zoominoutslider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-51446

Name of the Vulnerable Software and Affected Versions Themefic Hydra Booking versions through 1.1.32 Description The software contains a flaw due to improper neutralization of special elements within SQL commands, leading to a SQL Injection issue. This allows for potential manipulation of databas...

Security Bulletin: IBM OmniFind Text Search Server for DB2 for i is affected by multiple vulnerabilities.  [CVE-2017-15691, CVE-2024-47072, CVE-2024-45492, CVE-2024-25269, CVE-2024-36052]

Summary IBM OmniFind Text Search Server for DB2 for i is vulnerable to overflow attacks CVE-2024-47072, CVE-2024-45492, Improper Restriction of XML External Entity Reference attack CVE-2017-15691, Uncontrolled Resource Consumption attack CVE-2024-25269, and Improper Neutralization attack...

CVE-2025-67517

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through = 2.22.9.2...

EUVD-2025-202124

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tiny Solutions Media Library Tools media-library-tools allows SQL Injection.This issue affects Media Library Tools: from n/a through = 1.6.15...

CVE-2025-64671

Improper neutralization of special elements used in a command 'command injection' in Copilot allows an unauthorized attacker to execute code locally...

CVE-2025-63068 WordPress Contact Form 7 Dynamic Text Extension plugin <= 5.0.5 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension allows Code Injection.This issue affects Contact Form 7 – Dynamic Text Extension: from n/a through = 5.0.5...