TurboMeeting - Boolean-based SQL Injection

A Boolean-based SQL injection vulnerability in the "RHUB TurboMeeting" web application. This vulnerability could allow an attacker to execute arbitrary SQL commands on the database server, potentially allowing them to access sensitive data or compromise the server. id: CVE-2024-38289 info: name:...

Zabbix - SQL Injection

Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggleids array parameter in latest.php and perform SQL injection attacks. id: CVE-2016-10134 info: name: Zabbix - SQL Injection author: princechaddha severity: critical description: Zabbix...

EUVD-2026-31291

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory Kit: from n/a through 1.5.0...

EUVD-2026-29477

Postgrex: Channel-name SQL injection in Postgrex.Notifications.listen/3...

SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

WWBN AVideo 路径遍历漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a path traversal vulnerability. This vulnerability stemmed from the lack of path traversal protection for the name parameter in the pluginRunDatabaseScript.json.ph...

PT-2026-25172

🟠 CVE-2026-31917 - High Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through = ... https://t.co/rmxKLdVO6O https://t.co/0W8qwfmY6K...

Martcode Delta Course Automation SQL注入漏洞

Martcode Delta Course Automation is an automated marketing and course management system developed by the Turkish company Martcode. Versions of Martcode Delta Course Automation prior to 04022026 contained a SQL injection vulnerability. This vulnerability stemmed from improper neutralization of...

MiracleLinux 8 : cyrus-sasl-2.1.27-6.el8 (AXSA:2022-3081:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3081:01 advisory. cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands CVE-2022-24407 Tenable has extracted the preceding...

CVE-2025-37183 Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

CVE-2025-52694 Execution of arbitrary SQL commands

Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet, potentially affecting data confidentiality, integrity, and availability. Users and administrato...

CVE-2005-1818

Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 allow remote attackers to execute arbitrary SQL commands via unknown attack vectors...

CVE-2005-1629

SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter...

CVE-2005-1149

SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1.0 allows remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...

CVE-2005-1734

Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors...

CVE-2005-1585

Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remote attackers to execute arbitrary SQL commands via the 1 iCategory or 2 page parameter to index.php, or 3 iCategory parameter in the query string to the forum directory...

CVE-2005-1972

Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via 1 the username, which is not properly handled by the insertUser function, or 2 the bbsessionid value in a cookie...

CVE-2005-1084

SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter...

CVE-2023-31753

SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter...