26544 matches found
CVE-2026-48819
CVE-2026-48819 affects the Hey API openapi-ts code generator. Prior to version 0.97.3, the generated template in dist/clients/core/params.ts copies a runtime template into SDKs (params.gen.ts). The function buildClientParams writes unknown keys with slot prefixes (notably $query_) directly into s...
CVE-2026-48045
Zeroconf is a pure Python implementation of multicast DNS service discovery. Prior to 0.149.12, AsyncListener.handlequeryordefer retained every truncated TC-bit incoming query, each up to MAXMSGABSOLUTE = 8966 bytes, in self.deferredaddr and armed a per-address timer in self.timersaddr without...
CVE-2026-60137 WordPress < 7.0.2 - Facilitated SQL Injection via author__not_in in WP_Query
WordPress 6.8.x before 6.8.6, 6.9.x before 6.9.5, and 7.0.x before 7.0.2 does not properly sanitise the authornotin parameter of WPQuery, which could allow SQL Injection when a plugin or theme passes untrusted input to the parameter...
CVE-2026-60137
CVE-2026-60137 affects WordPress 6.8.x before 6.8.6, 6.9.x before 6.9.5, and 7.0.x before 7.0.2. The issue is a failure to sanitize the author__not_in parameter in WP_Query, enabling potential SQL Injection when untrusted input is passed by a plugin or theme. Mitigation is to update to 6.8.6, 6.9...
CVE-2026-60137 WordPress < 7.0.2 - Facilitated SQL Injection via author__not_in in WP_Query
WordPress 6.8.x before 6.8.6, 6.9.x before 6.9.5, and 7.0.x before 7.0.2 does not properly sanitise the authornotin parameter of WPQuery, which could allow SQL Injection when a plugin or theme passes untrusted input to the parameter...
CVE-2026-63030 WordPress < 7.0.2 - REST API batch-route confusion and SQL injection issue leading to Remote Code Execution
WordPress 6.9.x before 6.9.5 and 7.0.x before 7.0.2 is affected by a REST API batch endpoint route confusion issue which, combined with the authornotin WPQuery SQL Injection CVE-2026-60137, could allow an attacker to perform SQL Injection and achieve Remote Code Execution...
CVE-2026-44739
CVE-2026-44739 (Pimcore) : SQL injection in the columnConfigAction flow of CustomReportsBundle enables an attacker with the reports_config permission to inject and execute arbitrary SELECT/UNION queries and leverage error-based exfiltration. Affected versions are prior to 11.5.17 (LTS) and 12.3.6...
CVE-2026-12283 SQL injection in Amazon Athena Synapse connector
Amazon Athena is a serverless, interactive query service that lets you analyze data directly in Amazon S3 using standard SQL. Athena Query Federation is a feature that allows you to connect to data sources outside of Amazon S3 like DynamoDB, Azure Synapse, and custom connectors using standard SQL...
CVE-2026-12283 SQL injection in Amazon Athena Synapse connector
Amazon Athena is a serverless, interactive query service that lets you analyze data directly in Amazon S3 using standard SQL. Athena Query Federation is a feature that allows you to connect to data sources outside of Amazon S3 like DynamoDB, Azure Synapse, and custom connectors using standard SQL...
CVE-2026-9586
An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...
CVE-2026-8297
Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows SQL Injection. This issue affects GisLab Laboratory Management System: fr...
CVE-2026-9586 Unauthenticated SQL Injection Leading to Remote Code Execution in Switchvox SMB
An unauthenticated SQL injection vulnerability exists in Sangoma Switchvox SMB Edition 8.3 104997. The /pa endpoint processes XML content beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries without sanitization or parameterization. An unauthenticated...
CVE-2026-9586
CVE-2026-9586 describes an unauthenticated SQL injection in Sangoma Switchvox SMB Edition 8.3. The vulnerable component is the /pa endpoint, which processes XML beginning with and directly concatenates the user-controlled PhoneIP value into PostgreSQL queries, enabling arbitrary SQL execution an...
CVE-2026-8297
CVE-2026-8297 describes an SQL injection in GisLab Laboratory Management System by Gis Informatics Engineering Consulting (Gis Informatics). Affected versions: 1.4.03 through 08072026. The issue is a generic SQL injection vulnerability with network attack vector, no user interaction, and no privi...
CVE-2026-16009
The provided Connected documents identify CVE-2026-16009 in itsourcecode Hospital Management System 1.0. Affected is an unknown function in /prescriptionorderdetail.php where manipulating the delid argument invokes SQL injection. The vulnerability can be exploited remotely, and public exploits ar...
JS Help Desk <= 2.8.2 - SQL Injection
JS Help Desk WordPress plugin 2.8.2 contains a SQL injection caused by insufficient escaping and preparation of user-supplied values in 'js-support-ticket-token-tkstatus' cookie, letting unauthenticated attackers extract sensitive database information, exploit requires no authentication. id:...
Label Studio - Sensitive Information Exposure
An attacker can construct a filter chain to filter tasks based on sensitive fields for all user accounts on the platform by exploiting Django's Object Relational Mapper ORM. Since the results of query can be manipulated by the ORM filter, an attacker can leak these sensitive fields character by...
XWiki - HQL Injection
XWiki is vulnerable to Hibernate Query Language HQL injection in the wiki and space search REST API starting in version 4.3-milestone-1 and prior to versions 16.10.9, 17.4.2, and 17.5.0. The vulnerability allows attackers to inject malicious HQL queries through the orderField parameter, potential...
Spotweb <= 1.5.1 - Cross Site Scripting
Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the lastname parameter. id: CVE-2021-40973 info: name: Spotweb = 1.5.1 - Cross Site Scripting author: theamanrawat severity:...
SolarWinds Serv-U 15.3 - Directory Traversal
SolarWinds Serv-U 15.3 is susceptible to local file inclusion, which may allow an attacker access to installation and server files and also make it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id:...