WordPress plugin Simply Schedule Appointments SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin WCAPF SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-31120

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brainstorm Force OttoKit suretriggers allows Blind SQL Injection.This issue affects OttoKit: from n/a through = 1.1.20...

PHPGurukul Online Course Registration SQL注入漏洞

PHPGurukul Online Course Registration is an online course registration system provided by PHPGurukul Corporation. Version 3.1 of PHPGurukul Online Course Registration contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ‘cid’ in the file...

PT-2026-31397

Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 series appliances affected versions not specified Description Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP...

WordPress plugin Download Monitor SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-31129

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce YayMail yaymail allows Blind SQL Injection.This issue affects YayMail: from n/a through = 4.3.3...

PT-2026-31553

A weakness has been identified in itsourcecode Construction Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowed tool report.php. This manipulation of the argument Home causes sql injection. It is possible to initiate the attack remotely. The exploit h...

WordPress plugin YayMail SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

Code-Projects Easy Blog Site SQL注入漏洞

Code-Projects Easy Blog Site is an easy blog website developed by Code-Projects as open source. Versions of Code-Projects Easy Blog Site 1.0 and earlier had a SQL injection vulnerability. This vulnerability stemmed from the handling of the Name parameter in the file/users/contactus.php, which cou...

PT-2026-31098

The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgr off' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

WordPress plugin Attendance Manager SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-31552

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Course Registration version 3.1 Description A security issue exists in PHPGurukul Online Course Registration 3.1 related to the processing of the /admin/check availability.php file. Manipulation of the regno argument can lead...

PT-2026-31394

Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 series appliances Description An SQL injection flaw exists in SonicWall SMA1000 series appliances. A remote authenticated attacker with read-only administrator privileges can escalate privileges to primary administrator. The...

PT-2026-31551

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Course Registration version 3.1 Description A weakness exists in PHPGurukul Online Course Registration 3.1. The issue affects unknown code within the /check availability.php file. Manipulation of the cid argument can lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-29047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the log...

WordPress plugin User Registration & Membership SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

CVE-2026-5675

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowedtool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-5681

A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument empid causes sql injection. The attack is possible to be carried out remotely. The explo...

CVE-2026-35184

EcclesiaCRM is CRM Software for church management. Prior to 8.0.0, there is a SQL injection vulnerability in v2/templates/query/queryview.php via the custom and value parameters. This vulnerability is fixed in 8.0.0...