EUVD-2026-32111

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ssoabstractservice due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

CVE-2026-7618

The EnvíaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

PT-2026-43598

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDevicegroups function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43611

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devices configuration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymbCONNECT24 is an internal...

PT-2026-43563

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

PT-2026-43565

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvo contracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43553

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions tagid parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43557

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAlarmProfiles function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43561

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43558

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24confi getDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43663

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...

PT-2026-43616

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43614

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43608

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43607

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43615

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

PT-2026-43612

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

CVE-2026-38930

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...

MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞

MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECTION24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECTION24 is an...