Lucene search
K

2814 matches found

EUVD
EUVD
added 2026/06/17 1:44 p.m.9 views

EUVD-2026-37711

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brainstorm Force SureDash allows Blind SQL Injection. This issue affects SureDash: from n/a through 1.8.0...

8.5CVSS5.6AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.31 views

CVE-2026-54185 WordPress Cornerstone plugin < 7.8.8 - SQL Injection vulnerability

Subscriber SQL Injection in Cornerstone 7.8.8 versions...

8.5CVSS0.00342EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.30 views

CVE-2026-49076 WordPress JetEngine plugin <= 3.8.9.1 - SQL Injection vulnerability

Unauthenticated SQL Injection in JetEngine = 3.8.9.1 versions...

9.3CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2026-22340 WordPress WPJobster theme <= 6.3.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in WPJobster = 6.3.5 versions...

9.3CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 9:50 a.m.30 views

CVE-2025-69135 WordPress Events Schedule - WordPress Events Calendar Plugin plugin <= 2.7.2 - SQL Injection vulnerability

Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...

8.5CVSS0.00342EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36910

Contributor SQL Injection in PowerPress Podcasting = 11.15.10 versions...

8.5CVSS5.7AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.8 views

EUVD-2026-36926

Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free = 5.3 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.8 views

CVE-2026-42665

Unauthenticated SQL Injection in WP Data Access = 5.5.70 versions...

9.3CVSS0.00283EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.12 views

EUVD-2026-36903

Subscriber SQL Injection in Taskbuilder = 5.0.7 versions...

8.5CVSS5.7AI score0.00339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.20 views

PT-2026-49225

WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with action=duplicate quote invoice an...

7.1CVSS5.7AI score0.00226EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49415

Unauthenticated SQL Injection in Contest Gallery = 28.1.6 versions...

9.3CVSS5.7AI score0.00283EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/13 10:45 p.m.8 views

CVE-2026-12175 CodeAstro Student Attendance Management System createStudents.php sql injection

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is...

5.8CVSS5.1AI score0.00214EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/11 9:5 p.m.10 views

CVE-2026-39494 WordPress Product Filter by WBW plugin <= 3.1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter by WBW: from n/a through 3.1.2...

9.3CVSS5.6AI score0.0039EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 2:16 p.m.15 views

CVE-2026-38581

SQL Injection vulnerability in damasac thaipalliativelte through version 3.0 allows remote attackers to execute arbitrary SQL commands via the idFormMain parameter to /substudy/ezform.php line 14 and the id parameter line 49. The parameters are concatenated directly into SQL queries without...

9.8CVSS0.00329EPSS
Exploits1References2
Mageia
Mageia
added 2026/06/11 1:40 a.m.15 views

Updated roundcubemail packages fix security vulnerabilities

Multiple security vulnerabilities were discovered in RoundCube Webmail, which could result in cross-site scripting, SQL injection, SSRF bypass, information disclosure, denial of service or code injection...

8.1CVSS5.6AI score0.00764EPSS
Exploits1References5
Patchstack
Patchstack
added 2026/06/10 9:7 a.m.7 views

WordPress Taskbuilder plugin <= 5.0.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by VanTastic in WordPress Plugin Taskbuilder versions = 5.0.7...

8.5CVSS5.9AI score0.00339EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/10 8:52 a.m.11 views

WordPress Newsletters plugin <= 4.13 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by wesley wcraft in WordPress Plugin Newsletters versions = 4.13...

7.5CVSS5.7AI score0.01382EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/10 8:28 a.m.14 views

EUVD-2026-35997

The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpmlsubscriberid’ parameter in all versions up to, and including, 4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

7.5CVSS5.7AI score0.01382EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2026/06/10 12:0 a.m.53 views

📄 Chatwoot 4.11.1 SQL Injection

This Metasploit module targets an authenticated SQL injection vulnerability in the conversation filtering functionality of Chatwoot instances up to version 4.11.1. ================================================================================================================================== |...

8.5CVSS5.6AI score0.00227EPSS
Exploits1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

WordPress plugin Newsletters SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.5CVSS5.7AI score0.01382EPSS
Exploits0References2
Rows per page
Query Builder