8282 matches found
PT-2025-7708 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.11.x through 9.11.7; Mattermost versions 10.2.x through 10.2.2; Mattermost versions 10.3.x through 10.3.2; Mattermost versions 10.4.x through 10.4.1. Description: The issue allows an attacker to retrieve data from the databa...
Mattermost security vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a SQL injection vulnerability that stems from the use of uncompiled statements, which can be exploited by an attacker to retrieve database data via a specially designed sorting...
NovaCHRON Zeitsysteme Smart Time Plus security vulnerability
NovaCHRON Zeitsysteme Smart Time Plus is a time only management program from NovaCHRON Zeitsysteme. A security vulnerability exists in NovaCHRON Zeitsysteme Smart Time Plus versions prior to v8.x through v8.6, which stems from a SQL injection vulnerability in the getCookieNames method...
NovaCHRON Zeitsysteme Smart Time Plus security vulnerability
NovaCHRON Zeitsysteme Smart Time Plus is a time management only program from NovaCHRON Zeitsysteme. A security vulnerability exists in NovaCHRON Zeitsysteme Smart Time Plus versions prior to v8.x through v8.6, which stems from a SQL injection vulnerability in the addProject method...
Agito Computer Health4All SQL injection vulnerability
Agito Computer Health4All is a health management program from Agito Computer. A SQL injection vulnerability exists in Agito Computer Health4All versions prior to 10.01.2025 that stems from improper neutralization of special elements in SQL commands...
PT-2025-7717 · Agito Computer · Health4All
Name of the Vulnerable Software and Affected Versions: Agito Computer Health4All versions prior to 10.01.2025 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
WordPress Easy Quotes plugin <= 1.2.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by NAWardRox Patchstack Alliance in WordPress Plugin Easy Quotes versions <= 1.2.2...
Code-Projects Real Estate Property Management System injection vulnerability
Code-Projects Real Estate Property Management System is an open source real estate property management system from Code-Projects. An injection vulnerability exists in Code-Projects Real Estate Property Management System version 1.0. An attacker can exploit this vulnerability to perform SQL...
Vulnerability fixed in Exim
Exim's developers have fixed an SQL injection vulnerability. A malicious party could exploit the vulnerability to execute an SQL injection. This allows the malicious party to gain access to sensitive data and potentially execute arbitrary code with privileges from the Exim installation. The exim...
PbootCMS security vulnerability
PbootCMS is a PbootCMS open source content management system CMS for building websites for open source businesses using the PHP language. A security vulnerability exists in PbootCMS version 1.4.1, which stems from improper template parsing and leads to SQL injection...
WeGIA SQL injection vulnerability
WeGIA is a web manager for welfare organizations by Nilson Lazarin Personal Developer. A SQL injection vulnerability exists in WeGIA versions prior to 3.2.14, which stems from unfiltered input in the personalizacaoupload.php endpoint, and can lead to SQL injection and data disclosure...
ChurchCRM security vulnerability
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM 5.13.0 and earlier versions, which stems from the EID parameter being directly connected to a SQL query without proper cleanup, which is susceptible to SQL injection...
ChurchCRM security vulnerability
ChurchCRM is an open source CRM system built for churches by ChurchCRM Open Source. A security vulnerability exists in ChurchCRM 5.13.0 and earlier versions, which stems from the CurrentFundraiser parameter being directly connected to a SQL query without sufficient cleanup, which can be exploited...
PT-2025-7382 · WordPress · Pollin
Name of the Vulnerable Software and Affected Versions: Pollin plugin for WordPress versions up to, and including, 1.01.1 Description: The issue allows unauthenticated attackers to perform SQL Injection via the question parameter due to insufficient escaping on the user-supplied parameter and lack...
WordPress LTL Freight Quotes – SAIA Edition plugin <= 2.2.10 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin LTL Freight Quotes – SAIA Edition versions <= 2.2.10...
PT-2025-27650 · Ооо 'Айди Технологии Управления' · Documino
The vulnerability in the Documino electronic document workflow automation platform is related to a failure to take measures to protect the structure of the SQL query. Exploitation of the vulnerability may allow an attacker to escalate their privileges by sending a specially crafted SQL query...
LuxSoft LuxCal Web Calendar SQL injection vulnerability
LuxSoft LuxCal Web Calendar is a free user-friendly lightweight web-based event calendar from LuxSoft Switzerland. A SQL injection vulnerability exists in LuxSoft LuxCal Web Calendar versions prior to 5.3.3M and prior to 5.3.3L, which originates from a SQL injection in retrieve.php and could lead...
WordPress plugin Simple Signup Form SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
WeGIA access control error vulnerability
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. WeGIA has an access control error vulnerability that originates from the documentoexcluir.php page of the WeGIA application instance containing a SQL injection vulnerability...
WordPress plugin Distance Rate Shipping for WooCommerce SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...