8196 matches found
CVE-2026-25418 WordPress Bit Form plugin <= 2.21.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through = 2.21.10...
CVE-2026-25378
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...
CVE-2026-2706
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2026-2706 code-projects Patient Record Management System fecalysis_not.php sql injection
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysisnot.php. This manipulation of the argument compid causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-12707 Library Management System <= 3.2.1 - Unauthenticated SQL Injection
The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...
CVE-2026-2690 itsourcecode Event Management System Admin Login ajax.php sql injection
A flaw has been found in itsourcecode Event Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Admin Login. This manipulation of the argument Username causes sql injection. It is possible to initiate the atta...
Delinea Cloud Suite 安全漏洞
Delinea Cloud Suite is a cloud-based resource pool management software developed by Delinea Corporation in the United States. Versions of Delinea Cloud Suite prior to 25.2 HF1 contained security vulnerabilities. These vulnerabilities were caused by improper handling of special elements within SQL...
FileFlows 安全漏洞
FileFlows is an open-source, self-hosted file processing system developed by FileFlows. Versions of FileFlows prior to 25.05.2 contained security vulnerabilities. These vulnerabilities stemmed from the SQL injection vulnerability in the library file search function, which could lead to privilege...
PT-2026-20865
Name of the Vulnerable Software and Affected Versions wpForo Forum plugin versions prior to 2.4.15 Description The wpForo Forum plugin for WordPress is susceptible to time-based SQL Injection through the wpfob parameter. Insufficient escaping of user-supplied input and inadequate SQL query...
PT-2026-20717
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...
NesterSoft WorkTime 安全漏洞
NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an SQL injection vulnerability in the widget API endpoint. This vulnerability could lead to data leaks or the execution of arbitrary...
PT-2026-20561
Name of the Vulnerable Software and Affected Versions itsourcecode Event Management System version 1.0 Description A SQL injection issue exists in itsourcecode Event Management System version 1.0. The issue is located in the /admin/manage booking.php file, within an unknown function. Manipulation...
PT-2026-20957
Tanium addressed a SQL injection vulnerability in Asset...
PT-2026-20645
A flaw has been found in code-projects Patient Record Management System 1.0. This affects an unknown function of the file /fecalysis not.php. This manipulation of the argument comp id causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
itsourcecode Event Management System SQL注入漏洞
itsourcecode Event Management System is an open-source event management system developed by itsourcecode. Version 1.0 of the itsourcecode Event Management System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the...
PT-2026-20901
Name of the Vulnerable Software and Affected Versions Delinea Cloud Suite versions prior to 25.2 HF1 Description An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability exists in Delinea Cloud Suite, allowing argument injection. The issue affects the...
CVE-2025-12812
CVE-2025-12812 describes an SQL Injection vulnerability in Delinea Cloud Suite and Privileged Access Service caused by improper neutralization of special elements in SQL commands. Multiple sources confirm the issue and its remediation: Cloud Suite is fixed in version 25.1. Affected component(s) a...
CVE-2025-7631
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva Prime News Software allows SQL Injection.This issue affects Tumeva Prime News Software:...
CVE-2026-1639
The Taskbuilder WordPress plugin (Taskbuilder – WordPress Project Management & Task Management) is affected by a time-based blind SQL Injection in all versions up to 5.0.2, via the parameters after parsing used in the plugin’s queries (notably order and sort_by). Root cause per sources: insuffici...
XHan Admin SQL注入漏洞
XHan Admin is a management system developed by Alixhan’s individual developers. Versions of XHan Admin prior to 1.7.0 contained an SQL injection vulnerability. This vulnerability stemmed from incorrect handling of parameters in files/frontend-api/system-service/api/system/role/query, specifically...