Exploit for CVE-2026-9082

CVE-2026-9082 Type: SQL Injection CWE-89 Affected Pr...

WordPress PowerPress Podcasting plugin <= 11.15.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO in WordPress Plugin PowerPress Podcasting versions = 11.15.10...

CVE-2018-25330

Joomla! EkRishta 2.10 is affected by persistent XSS and SQL injection as described in CVE-2018-25330. The vulnerabilities enable attackers to inject script payloads into profile information (e.g., Address) and SQL payloads via the phone_no parameter to user_setting, allowing script execution when...

CVE-2026-46359

phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...

WordPress Avada (Fusion) Builder plugin <= 3.15.1 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Rafie Muhammad - Awesome Motive, Inc. in WordPress Plugin Fusion Builder versions = 3.15.1...

CVE-2026-45214 WordPress Xpro Elementor Addons plugin <= 1.5.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through = 1.5.1...

CVE-2026-45218 WordPress WP Travel plugin <= 11.4.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...

CVE-2026-45211 WordPress APIExperts Square for WooCommerce plugin <= 4.7.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through = 4.7.1...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from SQL injection attacks, and they could allow...

SQL Injection

CKAN is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of input in datastoresearchsql, which allows an attacker to inject arbitrary SQL queries and gain access to private resources and PostgreSQL system information...

CVE-Disclosures

🛡️ CVE Disclosures 🛡️ Welcome to my CVE disclosures repositor...

CVE-2024-33722

SOPlanning 1.52.00 is affected by an authenticated SQL Injection in the projets.php page (statut[] parameter). The CVE-2024-33722 entry shows a MEDIUM severity (CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) with an authenticated, low-privilege actor able to induce database queries via a crafted ...

SourceCodester Comment System 注入漏洞

The SourceCodester Comment System is an open-source comment system developed by SourceCodester. Version 1.0 of the SourceCodester Comment System has a vulnerability caused by SQL injection due to the parameter manipulation in the file postcomment.php. This vulnerability could be exploited through...

WordPress BetterDocs Pro plugin <= 3.7.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by h0xilo in WordPress Plugin BetterDocs Pro versions = 3.7.0...

CVE-2025-68060 WordPress Team Member plugin <= 8.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5...

CVE-2025-68060

The CVE-2025-68060 entry concerns the WordPress plugin Team Member (versions up to 8.5). The issue is an improper neutralization of SQL commands in the plugin, enabling SQL Injection (described as Blind SQL Injection). Affected component is the Team Member plugin code handling database queries; r...

WordPress wpForo Forum plugin <= 3.0.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin wpForo Forum versions = 3.0.4...

Code-Projects Feedback System 注入漏洞

Code-Projects Feedback System is an open-source feedback system developed by Code-Projects. Version 1.0 of the Code-Projects Feedback System has a injection vulnerability; this vulnerability stems from the handling of the parameter 'email' in the file 'admin/checklogin.php', which may lead to SQL...

SQL Injection

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to SQL Injection in the setTokenData function when OAuth token fields are interpolated into a SQL statement without proper escaping. An attacker can execut...

SQL Injection

Overview rucio is a Rucio Package Affected versions of this package are vulnerable to SQL Injection in the createsqlaquery function when processing filter keys and values in Oracle database backends using the default jsonmeta metadata plugin configuration. An attacker can execute arbitrary SQL...