WordPress plugin Geo Mashup SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

GHSA-MMM5-3G4X-QW39 OpenSTAManager has a SQL Injection via righe Parameter in confronta_righe Modals

Description Six confrontarighe.php files across different modules in OpenSTAManager fetchArray 'SELECT mgarticolilang.title, mgarticoli.codice, inrigheinterventi. FROM inrigheinterventi INNER JOIN...

PT-2026-30286

Name of the Vulnerable Software and Affected Versions OpenSTAManager versions prior to 2.10.2 Description OpenSTAManager contains an SQL Injection vulnerability in the confronta righe.php files across different modules. The righe parameter, received via the $ GET'righe' request, is directly...

EUVD-2026-5639

OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...

CVE-2026-25240

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

CVE-2026-25240

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

CVE-2026-25240

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

EUVD-2026-5195

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

CVE-2026-25240 PEAR is Vulnerable to SQL Injection in user::maintains() Role IN() Filter

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

CVE-2026-25240 PEAR is Vulnerable to SQL Injection in user::maintains() Role IN() Filter

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

CVE-2026-25240 PEAR is Vulnerable to SQL Injection in user::maintains() Role IN() Filter

PEAR is a framework and distribution system for reusable PHP components. Prior to version 1.33.0, a SQL injection vulnerability can occur in user::maintains when role filters are provided as an array and interpolated into an IN ... clause. This issue has been patched in version 1.33.0...

PT-2026-6289

Name of the Vulnerable Software and Affected Versions PEAR versions prior to 1.33.0 Description PEAR is a framework and distribution system for reusable PHP components. A SQL injection issue can occur in the user::maintains function when role filters are provided as an array and interpolated into...

EUVD-2021-29050

Malicious code in bioql PyPI...

CVE-2021-42064

If configured to use an Oracle database and if a query is created using the flexible search java api with a parameterized "in" clause, SAP Commerce - versions 1905, 2005, 2105, 2011, allows attacker to execute crafted database queries, exposing backend database. The vulnerability is present if th...

CVE-2021-42064

If configured to use an Oracle database and if a query is created using the flexible search java api with a parameterized "in" clause, SAP Commerce - versions 1905, 2005, 2105, 2011, allows attacker to execute crafted database queries, exposing backend database. The vulnerability is present if th...

SAP Commerce SQL注入漏洞

SAP Commerce is a set of cloud-based e-commerce platform from Germany's SAP. It supports sales management, marketing management, order management, and operations management. SAP Commerce suffers from an SQL injection vulnerability that stems from the software's lack of effective filtering and...

CVE-2021-41329

Datalust Seq before 2021.2.6259 allows users with view filters applied to their accounts to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when...

Datalust Seq 安全漏洞

Datalust Seq is a logging server from Datalust Australia. It is used to speed up diagnostics in complex, asynchronous and distributed applications. A security vulnerability exists in Datalust Seq versions prior to 2021.2.6259, which stems from software that allows a user who applies a view filter...

ThinkPHP5 PDO Authenticity Preprocessing suffers from SQL Injection Vulnerability

ThinkPHP V5.0 is a high-performance framework designed for API development. A SQL injection vulnerability exists in ThinkPHP5 PDO authenticity preprocessing. The vulnerability is caused by controlling the value position of the in statement, i.e. by passing in an array, leading to a SQL injection...