67 matches found
CVE-2026-7023
A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/database/service/databaseimpl.go of the component databaseTool. Performing a manipulation results in SQL injection. The attack can be...
MikroORM SQL Injection Vulnerability
MikroORM is an open-source framework from MikroORM that supports type-safe object-relational mapping for multiple databases. Versions of MikroORM prior to 6.6.10 and 7.0.6 contained a SQL injection vulnerability. This vulnerability arises from the interpretation of specially crafted objects as ra...
Hscripts Online Quiz Maker SQL Injection Vulnerability
Hscripts Online Quiz Maker is an online quiz creation and management system developed by Hscripts Corporation. Version 1.0 of Hscripts Online Quiz Maker has a SQL injection vulnerability. This vulnerability stems from insufficient validation of the catid and usern parameters, which may lead to SQ...
Mura Security Vulnerability
Mura is a content management system developed by Mura Corporation. Versions of Mura prior to 10.1.14 contained security vulnerabilities, which were caused by SQL injection attacks in the getQuery sortDirection parameter of the beanFeed.cfc file...
CVE-2025-15344
Tanium addressed a SQL injection vulnerability in Asset...
Exploit for CVE-2025-14124
CVE-2025-14124 WordPress Team Plugin - Unauthenticated SQL...
PT-2025-51316
Name of the Vulnerable Software and Affected Versions: Inventory Management System 1 (affected versions not specified). Description: The Inventory Management System 1 software contains a SQL injection flaw. This issue could allow an attacker to manipulate database queries through crafted input. The...
CVE-2025-12483
The vulnerability CVE-2025-12483 affects the Visualizer: Tables and Charts Manager for WordPress plugin. It is an authenticated SQL Injection via the query parameter in all versions up to 3.11.12, due to insufficient escaping and query preparation, enabling attackers with Contributor-level access...
SQL Injection Vulnerability in Remote Medical Comprehensive Service Platform of Beijing Divine Vision Han Technology Co. Ltd (CNVD-C-2025-879182)
Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the remote medical integrated service platform of Beijing Shenzhou Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...
CVE-2025-13236
A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID leads to SQL injection. The attack can be initiated remotely. The exploit is publicly available and...
EUVD-2019-4430
Malware in sbrugna...
EUVD-2025-29038
Malicious code in bioql PyPI...
EUVD-2025-31460
Malicious code in bioql PyPI...
CVE-2024-53499
Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API...
Ivanti Avalanche SQL Injection Vulnerability
Ivanti Avalanche is an enterprise mobile device management system from Ivanti for managing mobile devices such as smartphones and tablets. Ivanti Avalanche suffers from a SQL injection vulnerability that originates when the program does not properly validate user-entered SQL statements, which can...
Dairy Farm Shop Management System edit-product.php File SQL Injection Vulnerability
Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system. The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter productname in the file...
Code-Projects Church Donation System Injection Vulnerability
Code-Projects Church Donation System is an open-source church donation system from Code-Projects. An injection vulnerability exists in Code-Projects Church Donation System version 1.0, which originates from a SQL injection attack due to a misbehavior of the parameter mobile in the file...
WordPress plugin CardGate CardGate Payments for WooCommerce SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin...
jerryhanjj ERP Security Vulnerability
jerryhanjj ERP is an ERP import, export, storage and marketing system developed by Jerry's personal developer. A security vulnerability exists in jerryhanjj ERP version 1.0, which is caused by a SQL injection in the setpassword function of home.php...
WordPress plugin LTL Freight Quotes SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...