36 matches found
CVE-2026-9003
E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2026-6833
The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2026-6834 aEnrich|a+HRD - Missing Authorization
The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method...
CVE-2026-6834
Technical details about CVE-2026-6834 are not publicly provided in the supplied documents. No affected products, versions, impact, or remediation are detailed here; monitor for updates.
PT-2026-34246
CVE-2026-6833 The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. https://t.co/t19jGHdUjW...
CVE-2026-2236
C@il developed by HGiga has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2026-2093
Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2026-2093
Docpedia (Flowring) has an unauthenticated SQL Injection vulnerability that allows remote attackers to inject arbitrary SQL to read database contents. The issue is triggered via unauthenticated access and can lead to leakage of confidential data (CVE-2026-2093). CVSS metrics provided indicate hig...
CVE-2026-2236
C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2026-2235
C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
PT-2026-7079
C&Cm@il developed by HGiga has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-15239
CVE-2025-15239 concerns the QOCA aim AI Medical Cloud Platform from Quanta Computer. The connected sources confirm a SQL Injection vulnerability that enables authenticated remote attackers to inject arbitrary SQL commands to read database contents. The available metrics indicate CVSS v3.1 base sc...
CVE-2025-15238 Quanta Computer|QOCA aim AI Medical Cloud Platform - SQL Injection
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14758
Incorrect configuration of replication security in the MariaDB component of the infra-operator in YAOOK Operator allows an on-path attacker to read database contents, potentially including credentials...
PT-2025-49770
Due to a missing authorization check in SAP Enterprise Search for ABAP, an attacker with high privileges may read and export the contents of database tables into an ABAP report. This could lead to a high impact on data confidentiality and a low impact on data integrity. There is no impact on...
CVE-2025-14255
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14254
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-14255
CVE-2025-14255 relates to Vitals ESP (Galaxy Software Services). Connected sources confirm a SQL Injection vulnerability in Vitals ESP, enabling authenticated remote attackers to inject arbitrary SQL commands to read database contents. The issue is described consistently across Red Hat, NVD, CVE ...
CVE-2025-14254 Galaxy Software Services|Vitals ESP - SQL Injection
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
PT-2025-49515
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...