Sciyon Koyuan Thermoelectricity Heat Network SQL注入漏洞

Sciyon Koyuan Thermoelectricity Heat Network is a heat network management system developed by the Chinese company Sciyon. Version 3.0 of Sciyon Koyuan Thermoelectricity Heat Network has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the PGUID parameter in the...

CVE-2025-69633

A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...

CVE-2025-69633

A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...

WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by NumeX in WordPress Plugin Download Manager Addons for Elementor versions = 1.3.0...

Code-Projects Online Reviewer System SQL注入漏洞

The Code-Projects Online Reviewer System is an online review system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Online Reviewer System has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the difficultyid parameter in the...

Code-Projects Online Reviewer System SQL注入漏洞

The Code-Projects Online Reviewer System is an online review system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Online Reviewer System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters named “id” in files like...

itsourcecode News Portal Project SQL注入漏洞

itsourcecode News Portal Project is an open-source news portal project developed by itsourcecode. Version 1.0 of the itsourcecode News Portal Project contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the "email" parameter in the file/admin/index.php, whi...

CVE-2026-2195 code-projects Online Reviewer System questions-view.php sql injection

A vulnerability has been found in code-projects Online Reviewer System 1.0. This vulnerability affects unknown code of the file /system/system/admins/assessments/pretest/questions-view.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out...

EUVD-2026-5723

A vulnerability was determined in SourceCodester Online Class Record System 1.0. This issue affects some unknown processing of the file /admin/message/search.php. Executing a manipulation of the argument term can lead to sql injection. The attack can be executed remotely. The exploit has been...

SourceCodester Online Class Record System SQL注入漏洞

The SourceCodester Online Class Record System is an open-source online classroom recording system developed by SourceCodester. Version 1.0 of the SourceCodester Online Class Record System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the useremail paramet...

OpenSTAManager has a SQL Injection in the Prima Nota module

Summary Critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages by injecting...

PT-2026-6959

CVE-2026-25698 - Apache HTTP Server SQL Injection Vulnerability CVE ID : CVE-2026-25698 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2025-69215

OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, there is a SQL Injection vulnerability in the Stampe Module. At time of publication, no known patch exists...

EUVD-2025-206784

OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, there is a SQL Injection vulnerability in the Stampe Module. At time of publication, no known patch exists...

CVE-2025-69215 OpenSTAManager has an SQL Injection in the Stampe Module

OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, there is a SQL Injection vulnerability in the Stampe Module. At time of publication, no known patch exists...

CVE-2020-37081

CVE-2020-37081 describes multiple remote SQL injection vulnerabilities in Fishing Reservation System 7.5, affecting admin.php, cart.php, and calendar.php. The vulnerabilities allow attackers to inject SQL via parameters such as uid, pid, type, m, y, and code, potentially compromising the database...

GHSA-QX9P-W3VJ-Q24Q OpenSTAManager has an SQL Injection in the Stampe Module

Vulnerability Details Location - File: modules/stampe/actions.php - Line: 26 - Vulnerable Code: php case 'update': if !emptyintvalpost'predefined' && !emptypost'module' $dbo-query'UPDATE zzprints SET predefined = 0 WHERE idmodule = '.post'module'; // ↑ Direct concatenation without prepare...

CVE-2025-63624

SQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart water meter monitoring platform v.1.0 allows a remote attacker to execute arbitrary code via the imeilist.aspx file...

WordPress WP Job Portal plugin <= 2.2.2 - Authenticated (Admin+) SQL Injection vulnerability

Authenticated Admin+ SQL Injection vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.2...

WordPress WP Job Portal plugin <= 2.2.2 - Authenticated (Admin+) SQL Injection via wpjobportal_deactivate() vulnerability

Authenticated Admin+ SQL Injection via wpjobportaldeactivate vulnerability discovered by WordFence in WordPress Plugin WP Job Portal versions = 2.2.2...