25567 matches found
Improper Neutralization of Special Elements in Data Query Logic
Overview adx-mcp-server is a MCP server for Azure Data Explorer integration Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the gettableschema, sampletabledata, and gettabledetails handlers when the tablename parameter is...
websec-payloads
Web Security Payloads & Exploitation Reference Comprehensiv...
CVE-2026-33148
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the FDC USDA FoodData Central search endpoint constructs an upstream API URL by directly interpolating the user-supplied query parameter into the URL string without...
CVE-2026-33980
Azure Data Explorer MCP Server is a Model Context Protocol MCP server that enables AI assistants to execute KQL queries and explore Azure Data Explorer ADX/Kusto databases through standardized interfaces. Versions up to and including 0.1.1 contain KQL Kusto Query Language injection vulnerabilitie...
CVE-2026-33980 Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries
Azure Data Explorer MCP Server is a Model Context Protocol MCP server that enables AI assistants to execute KQL queries and explore Azure Data Explorer ADX/Kusto databases through standardized interfaces. Versions up to and including 0.1.1 contain KQL Kusto Query Language injection vulnerabilitie...
CVE-2026-33980
Azure Data Explorer MCP Server is a Model Context Protocol MCP server that enables AI assistants to execute KQL queries and explore Azure Data Explorer ADX/Kusto databases through standardized interfaces. Versions up to and including 0.1.1 contain KQL Kusto Query Language injection vulnerabilitie...
CVE-2026-27879
A flaw was found in Grafana. A remote attacker with low privileges can exploit this vulnerability by sending a specially crafted resample query. This can trigger out-of-memory crashes, leading to a Denial of Service DoS for the affected system. Mitigation Mitigation for this issue is either not...
CVE-2026-34046
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.5.1, the readflow helper in src/backend/base/langflow/api/v1/flows.py branched on the AUTOLOGIN setting to decide whether to filter by userid. When AUTOLOGIN was False i.e., authentication was enable...
CVE-2026-4970
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file deletephotos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been release...
Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries
Summary adx-mcp-server ListDictstr, Any: client = getkustoclient query = f"tablename | getschema" ListDictstr, Any: client = getkustoclient query = f"tablename | sample samplesize" ListDictstr, Any: client = getkustoclient query = f".show table tablename details" -- KQL injection resultset =...
EUVD-2026-16878
Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries...
EUVD-2026-16684
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-34374
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the Liveschedule::keyExists method constructs a SQL query by interpolating a stream key directly into the query string without parameterization. This method is called as a fallback from LiveTransmition::keyExists...
CVE-2026-33867 AVideo has Plaintext Video Password Storage
WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo allows content owners to password-protect individual videos. The video password is stored in the database in plaintext — no hashing, salting, or encryption is applied. If an attacker gains read access to th...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30531
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-33770
Summary: CVE-2026-33770 affects WWBN/AVideo up to version 26.0, where fixCleanTitle() in objects/category.php interpolates user-controlled data directly into a SQL query, enabling SQL injection when creating or renaming categories. The vulnerability stems from building the query with $clean_title...
CVE-2026-33770 AVideo has SQL Injection in category.php fixCleanTitle() via Unparameterized clean_title and id Variables
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the fixCleanTitle static method in objects/category.php constructs a SQL SELECT query by directly interpolating both $cleantitle and $id into the query string without using prepared statements or parameterized...
CVE-2026-33770 AVideo has SQL Injection in category.php fixCleanTitle() via Unparameterized clean_title and id Variables
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the fixCleanTitle static method in objects/category.php constructs a SQL SELECT query by directly interpolating both $cleantitle and $id into the query string without using prepared statements or parameterized...
CVE-2026-33767 AVideo has SQL Injection via Partial Prepared Statement — videos_id Concatenated Directly into Query
WWBN AVideo is an open source video platform. In versions up to and including 26.0, in objects/like.php, the getLike method constructs a SQL query using a prepared statement placeholder ? for usersid but directly concatenates $this-videosid into the query string without parameterization. An...