2828 matches found
Exploit for CVE-2025-61455
🛡️ CVE Disclosure: CVE-2025-61455 — SQL Injection in E-commerc...
EUVD-2025-34101
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62389
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62383
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62391
Ivanti Endpoint Manager (EPM) has a SQL injection vulnerability CVE-2025-62391 that enables a remote authenticated attacker to read arbitrary data from the EPM database. Connected sources confirm the issue as SQL injection affecting Ivanti EPM, with remediation in Ivanti’s advisories: fixes for r...
CVE-2025-31995 HCL Unica MaxAI Workbench is vulnerable to improper input validation
HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to exploit vulnerabilities such as SQL Injection, XSS, or command injection, leading to unauthorized access or data breaches, etc...
Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
Ivanti Endpoint Manager is a unified endpoint management solution for the enterprise that is designed to centrally manage all types of devices including Windows, macOS, Linux, ChromeOS and IoT devices within an organization, covering OS deployment, software distribution, remote control and more. ...
HCL Unica MaxAI Workbench Security Vulnerability
HCL Unica MaxAI Workbench is an artificial intelligence modeling and prediction module from HCL India. A security vulnerability exists in HCL Unica MaxAI Workbench, which stems from improper input validation and could lead to SQL injection, cross-site scripting, or command injection attacks, whic...
PT-2025-41783
Name of the Vulnerable Software and Affected Versions: Aykome License Tracking System versions prior to 06.10.2025. Description: A flaw exists in Aykome License Tracking System that allows for the manipulation of SQL commands through improper neutralization of special elements. This issue, identifie...
PT-2025-41833
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager, affected versions not specified. Description: A SQL injection issue exists in Ivanti Endpoint Manager. A remote authenticated attacker can potentially read arbitrary data from the database. The issue allows unauthorized...
WordPress Blappsta Mobile App plugin SQL Injection Vulnerability
WordPress Blappsta Mobile App plugin is a plugin that converts WordPress websites into native iOS and Android mobile apps. The WordPress Blappsta Mobile App plugin suffers from a SQL injection vulnerability that stems from the application missing validation of SQL statements in the nhynaacomments...
E-Commerce Website supplier_add.php File SQL Injection Vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter suppemail in the file /pages/supplieradd.php. An attacker can exploit this vulnerability to...
CVE-2025-11611 SourceCodester Simple Inventory System user.php sql injection
A weakness has been identified in SourceCodester Simple Inventory System 1.0. Impacted is an unknown function of the file /user.php. This manipulation of the argument uemail causes SQL injection. The attack is possible to be carried out remotely. The exploit has been made available to the public...
CVE-2025-11608
CVE-2025-11608 | code-projects E-Banking System 1.0 has a SQL injection in the POST Parameter Handler, originating from /register.php (parameters: username, password). Multiple sources confirm remote exploitation with a publicly disclosed exploit. Affected component: /register.php; vulnerability ...
EUVD-2025-33860
A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to SQL injection. The attack is possible to be carried out remotely. The exploit is publicly...
EUVD-2025-33861
A weakness has been identified in Campcodes Online Apartment Visitor Management System 1.0. This impacts an unknown function of the file /forgot-password.php. This manipulation of the argument email causes SQL injection. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2025-11599
A weakness has been identified in Campcodes Online Apartment Visitor Management System 1.0. This impacts an unknown function of the file /forgot-password.php. This manipulation of the argument email causes SQL injection. It is possible to initiate the attack remotely. The exploit has been made...
CVE-2025-10175 WP Links Page <= 4.9.6 - Authenticated (Subscriber+) SQL Injection
The WP Links Page plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 4.9.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticat...
Social Network Website SQL Injection Vulnerability
Social Network Website is a simple social networking website by Pynch Personal Developers. Social Network Website suffers from a SQL injection vulnerability that stems from incorrect manipulation of an unknown function in the component Search, which could lead to an SQL injection attack...
Code-Projects E-Commerce Website SQL Injection Vulnerability
E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter prodid in file /pages/productaddqty.php. An attacker can exploit this vulnerability to execu...