2400 matches found
EUVD-2025-5723
Malicious code in bioql PyPI...
EUVD-2025-2982
Malicious code in bioql PyPI...
EUVD-2025-6605
Malicious code in bioql PyPI...
EUVD-2025-14915
Malicious code in bioql PyPI...
EUVD-2025-17409
Malicious code in bioql PyPI...
EUVD-2025-4365
Malicious code in bioql PyPI...
EUVD-2024-42371
Malicious code in bioql PyPI...
CVE-2024-13150
CVE-2024-13150 describes an SQL Injection in Fayton Software and Consulting Services fayton.Pro ERP. The vulnerability arises from improper neutralization of special elements in SQL commands, enabling potential unauthorized access to the full database. Affected product is fayton.Pro ERP (through ...
PT-2025-39154
Name of the Vulnerable Software and Affected Versions: Iron Mountain Archiving Services Inc. EnVision versions prior to 250563 Description: The software contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' issue. This allows for Command Injection...
CVE-2025-53468
CVE-2025-53468 describes an SQL Injection in the WordPress plugin WP Tabber Widget (Wp tabber widget) affecting versions up to 4.0. The vulnerability is listed as authenticated (Contributor+) SQL Injection, with a CVSS 3.1 base metric of 8.5 (HIGH). Connected sources indicate patch status as Unpa...
PT-2025-38779
Name of the Vulnerable Software and Affected Versions: AWP Classifieds versions through 4.3.5 Description: A flaw exists in Strategy11 Team AWP Classifieds that allows code injection due to improper neutralization of script-related HTML tags on a web page. This is a Basic Cross-Site Scripting XSS...
CVE-2024-13151
CWE - 89 - Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ESBI Information and Telecommunication Industry and Trade Limited Company Auto Service Software allows SQL Injection. This issue affects Auto Service Software: before v.2025.10.01...
CVE-2025-10439
CVE-2025-10439 affects Yordam Informatics Yordam Library Automation System. The vulnerability is a SQL Injection due to improper neutralization of special elements in the SQL command. Affected versions are 21.5 and 21.6 prior to 21.7. The issue can lead to high-impact compromise of confidentialit...
CVE-2025-58116
Improper neutralization of special elements used in an OS command 'OS Command Injection' issue exists in WN-7D36QR and WN-7D36QR/UE. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote authenticated attacker...
Yordam Library Automation System SQL injection vulnerability
Yordam Library Automation System is an application from Yordam, Inc. A SQL injection vulnerability exists in Yordam Library Automation System versions 21.5, 21.6, and prior to 21.7, which stems from improper neutralization of a special element and could lead to a SQL injection attack...
PT-2025-37926
Name of the Vulnerable Software and Affected Versions: Dolusoft Omaspot versions prior to 12.09.2025 Description: Dolusoft Omaspot is susceptible to a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendation...
PT-2025-37993
Name of the Vulnerable Software and Affected Versions: E1 Informatics Web Application versions through 20250916 Description: The E1 Informatics Web Application contains a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows attackers to perfor...
CVE-2025-9997
CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session...
CVE-2025-55227
Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
PT-2025-36812
Name of the Vulnerable Software and Affected Versions: Themeum Tutor LMS versions through 3.7.4 Description: Themeum Tutor LMS is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This allows for potential SQL injection attacks...