13545 matches found
EUVD-2023-38631
Malicious code in bioql PyPI...
EUVD-2023-43673
Malicious code in bioql PyPI...
EUVD-2024-35153
Malicious code in bioql PyPI...
EUVD-2021-28666
Malicious code in bioql PyPI...
EUVD-2024-51953
Malicious code in bioql PyPI...
EUVD-2022-33472
Malicious code in bioql PyPI...
EUVD-2022-2474
Malicious code in bioql PyPI...
PT-2025-36129
Name of the Vulnerable Software and Affected Versions: WP Full Stripe Free versions through 8.3.0 Description: WP Full Stripe Free is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. Recommendations: Update WP Full Stripe Free to a versio...
Linux Distros Unpatched Vulnerability : CVE-2023-30944
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The vulnerability was found in Moodle and exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote...
CVE-2025-52914
A vulnerability in the Suite Applications Services component of Mitel MiCollab 10.0 through SP1 FP1 10.0.1.101 could allow an authenticated attacker to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary SQ...
eKuiper API endpoints handling SQL queries with user-controlled table names.
Summary: A critical SQL Injection vulnerability exists in the getLast API functionality of the eKuiper project. This flaw allows unauthenticated remote attackers to execute arbitrary SQL statements on the underlying SQLite database by manipulating the table name input in an API request. Exploitati...
CVE-2025-54294
A SQLi vulnerability in Komento component 4.0.0-4.0.7 for Joomla was discovered. The issue allows unprivileged users to execute arbitrary SQL commands...
CVE-2025-54294 Extension - stackideas.com - SQLi vulnerability in Komento component 4.0.0-4.0.7 for Joomla
A SQLi vulnerability in Komento component 4.0.0-4.0.7 for Joomla was discovered. The issue allows unprivileged users to execute arbitrary SQL commands...
CVE-2025-50127
CVE-2025-50127 concerns the DJ-Flyer Joomla extension (component DJ-Flyer 1.0–3.2). The issue is a SQL injection vulnerability that allows privileged users to execute arbitrary SQL commands. Root cause is improper input handling in the vulnerable component, enabling crafted queries to reach the d...
SQL Injection
github.com/go-pg/pg is vulnerable to SQL injection. The vulnerability is due to improper handling of input in the /types/appendvalue.go component, which allows an attacker to inject and execute arbitrary SQL commands...
CVE-2025-49484
A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low-privilege users to execute arbitrary SQL commands via the 'cvid' parameter in the employee application feature...
CVE-2025-49485
A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter...
CVE-2025-6718
The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a missing capability check on the b1runquery AJAX action in all versions up to, and including, 2.2.57. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute and run arbitrary SQL...