Databasir 安全漏洞

Databasir is a open-source relational database model documentation management platform for teams. Versions of Databasir 1.0.7 and earlier contain security vulnerabilities. These vulnerabilities stem from SQL injections in the query parameters of the search API endpoint, which could allow remote...

Cisco Secure Firewall Management Center SQL注入漏洞

Cisco Secure Firewall Management Center is a powerful network security management tool developed by Cisco, Inc. Cisco Secure Firewall Management Center has a SQL injection vulnerability, which stems from insufficient user input validation. This vulnerability could allow authenticated remote...

PT-2026-22960

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthly deposit endpoint with malicious symbol values using boolean-based blind,...

PT-2026-22954

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the job id parameter. Attackers can send POST requests to get job applications ajax.php with malicious job id values to bypass authenticatio...

PT-2026-22955

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the employerid parameter. Attackers can send POST requests to the register-recruiters endpoint with time-based SQL injection payloads to...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the SQL function. An attacker can gain unauthorized access to sensitive database content and potentially modify data by sending crafted SQL queries to the /api/query/sql endpoint as a low-privileged user...

GHSA-JQWG-75QF-VMF9 SiYuan's direct SQL Query API accessible to Reader-level users enables unauthorized database access

Summary /api/query/sql allows users to run SQL directly, but it only checks basic auth, not admin rights, any logged-in user, even readers, can run any SQL query on the database. Details The vulnerable endpoint is in kernel/api/sql.go go func SQLc gin.Context ret := gulu.Ret.NewResult defer...

SiYuan's direct SQL Query API accessible to Reader-level users enables unauthorized database access

Summary /api/query/sql allows users to run SQL directly, but it only checks basic auth, not admin rights, any logged-in user, even readers, can run any SQL query on the database. Details The vulnerable endpoint is in kernel/api/sql.go go func SQLc gin.Context ret := gulu.Ret.NewResult defer...

BIT-DISCOURSE-2026-27149 Discourse has SQL injection in PM tag filtering

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, SQL injection in PM tag filtering listprivatemessagestag allows bypassing tag filter conditions, potentially disclosing unauthorized private message metadata. Versions 2025.12.2, 2026.1.1, and...

CVE-2026-26702

sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/myitemreuse.php...

CVE-2026-26695

code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordstudentedit.php...

SourceCodester Pharmacy Point of Sale System 安全漏洞

The SourceCodester Pharmacy Point of Sale System is an open-source pharmacy sales point system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Point of Sale System contains a security vulnerability, which stems from SQL injection in the /pharmacy/managesupplier.php file...

EUVD-2026-9299

Sourcecodester Simple Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/admin/appointments/viewappointment.php...

PT-2026-22825

A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument roll no leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed ...

PT-2026-22752

Sourcecodester Simple Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/admin/appointments/view appointment.php...

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

GHSA-59G6-V3VG-F7WC CocoIndex Doris target connector didn't verify table name when constructing ALTER TABLE statements

Impact The Doris target connector didn't verify the configured table name before creating some SQL statements ALTER TABLE. So, in the application code, if the table name is provided by an untrusted upstream, it expose vulnerability to SQL injection when target schema change. Patches Yes, it's fix...

CVE-2025-48650

In multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-28399

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, an authenticated user with Creator role can inject arbitrary SQL via the DATEADD formula's unit parameter. This issue has been patched in version 0.301.3...

CVE-2026-28399

NocoDB prior to 0.301.3 allows an authenticated user with Creator role to inject arbitrary SQL via the DATEADD formula’s unit parameter. The vulnerability affects NocoDB installations using DATEADD with the unit parameter and could lead to arbitrary SQL execution with the user’s privileges, poten...