Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8196 matches found

EUVD
EUVDadded 2026/03/12 6:30 p.m.5 views

EUVD-2019-19825

202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send crafted requests with malicious SQL statements in the loguser field to extract sensitive database...

8.8CVSS5.9AI score0.00365EPSS
Exploits1References4
EUVD
EUVDadded 2026/03/12 6:30 p.m.3 views

EUVD-2026-11625

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a SQL injection vulnerability via the addgroup function. This vulnerability allows attackers to execute arbitrary SQL database operations via a crafted HTTP request...

6AI score0.00453EPSS
Exploits1References2
EUVD
EUVDadded 2026/03/12 6:30 p.m.4 views

EUVD-2019-19827

202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection technique...

8.8CVSS5.9AI score0.00415EPSS
Exploits1References4
EUVD
EUVDadded 2026/03/12 6:30 p.m.2 views

EUVD-2019-19817

Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can submit POST requests to index.php with crafted SQL payloads in the features parameter...

8.8CVSS6.1AI score0.00254EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.2 views

EUVD-2019-19800

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

8.8CVSS5.8AI score0.00432EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.2 views

EUVD-2019-19798

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option parameter to...

8.8CVSS6AI score0.00265EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.1 views

EUVD-2019-19796

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

8.8CVSS5.9AI score0.0036EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.1 views

EUVD-2019-19790

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

8.7CVSS5.8AI score0.01089EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.3 views

EUVD-2019-19780

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

8.8CVSS5.8AI score0.00538EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.4 views

EUVD-2019-19768

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST requests to the agents/agentlistdetails endpoint with malicious SQL payloads in the city paramete...

8.8CVSS5.9AI score0.00377EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.4 views

EUVD-2019-19814

Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with crafted SQL payloads in the Email field to extract...

8.8CVSS5.9AI score0.00318EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.3 views

EUVD-2019-19770

iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. Attackers can send POST requests to the search endpoint with crafted SQL payloads to extract sensitiv...

8.8CVSS5.9AI score0.00318EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.3 views

EUVD-2019-19774

Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php...

8.8CVSS5.9AI score0.00411EPSS
Exploits1References3
NVD
NVDadded 2026/03/12 6:16 p.m.5 views

CVE-2026-32137

Dataease is an open source data visualization analysis tool. Prior to 2.10.20, The table parameter for /de2api/datasource/previewData is directly concatenated into the SQL statement without any filtering or parameterization. Since tableName is a user-controllable string, attackers can inject...

9.3CVSS0.00418EPSS
Exploits1References1
CVE
CVEadded 2026/03/12 5:3 p.m.13 views

CVE-2026-31841

Hyperterse prior to v2.2.0 exposes raw SQL queries in search results, leaking statements intended to run covertly. Affects the Hyperterse tool-first MCP framework’s search component; vulnerability arises from returning executed-under-the-hood SQL alongside results. Impact per CVSS: Confidentialit...

6.5CVSS5.7AI score0.00178EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2026/03/12 4:16 p.m.4 views

CVE-2019-25534

Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can submit POST requests to index.php with crafted SQL payloads in the features parameter...

8.8CVSS0.00254EPSS
Exploits0References2
NVD
NVDadded 2026/03/12 4:16 p.m.5 views

CVE-2019-25512

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...

8.8CVSS0.00331EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/12 3:37 p.m.24 views

CVE-2019-25539 202CMS v10 beta SQL Injection via register.php

202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection technique...

8.8CVSS0.00415EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/03/12 3:37 p.m.3 views

CVE-2019-25537

Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with malicious SQL payloads in the Email...

8.8CVSS5.9AI score0.00254EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/03/12 3:37 p.m.6 views

CVE-2019-25529

Placeto CMS Alpha rv.4 contains an authenticated SQL injection vulnerability in the admin/edit.php endpoint via the page parameter. Attackers can craft GET requests to extract data using boolean-based blind, time-based blind, or union-based techniques without user interaction, with LOW privileges...

7.1CVSS5.9AI score0.00284EPSS
Exploits0References4
Rows per page
Query Builder