CVE-2025-36528

Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports...

Code-Projects Chat System 注入漏洞

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cid in the file /user/confirmpassword.php. An attacker can exploit this vulnerability to execute illegal SQL...

VulnCheck KEV: CVE-2021-24827

The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue...

CVE-2025-5716

A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

WordPress plugin Epicwin Plugin 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...

Daily Expense Tracker System /expense-yearwise-reports-detailed.php File SQL Injection Vulnerability

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...

WordPress plugin GamiPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

WordPress plugin ShortLinks Pro SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

CVE-2025-5704

A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/User.php. The manipulation of the argument txtUserName leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-5677

A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=saveapplication. The manipulation of the argument positionid leads to sql injection. The attack may be...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection through multiple vector store integrations. An attacker can read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the library in a web application...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection through multiple vector store integrations. An attacker can read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the library in a web application...

SQL Injection

Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to SQL Injection through multiple vector store integrations. An attacker can read and write data using SQL, potentially leading to unauthorized access to data of other users...

PHPGurukul Notice Board System 安全漏洞

Notice Board System is a bulletin board system. The Notice Board System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the file /forgot-password.php parameter email. An attacker can exploit this vulnerability to execute...

LlamaIndex SQL注入漏洞

LlamaIndex is a data framework for LLM applications open-sourced by LlamaIndex. A security vulnerability exists in LlamaIndex version v0.12.21, which stems from a SQL injection vulnerability in multiple vector store integrations that could lead to unauthorized access to data...

Brilliance Golden Link Secondary System 注入漏洞

Brilliance Golden Link Secondary System is a management system from Brilliance, China. An injection vulnerability exists in Brilliance Golden Link Secondary System version 20250424 and earlier, which stems from incorrect manipulation of the parameter nodename in the file...

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the urinalysisform.php file parameter urinalysisid. An attacker can...

PHPGurukul Complaint Management System 注入漏洞

Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter subcategory in the file /admin/edit-subcategory.php. An attacker can...

code-projects Patient Record Management System 安全漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter itrno in file /sputumform.php. An attacker can exploit thi...

PHPGurukul Notice Board System 安全漏洞

Notice Board System is a bulletin board system. A SQL injection vulnerability exists in the Notice Board System, which originates from a lack of validation of externally-entered SQL statements in the parameter mobilenumber in file /admin-profile.php. An attacker can exploit this vulnerability to...