216681 matches found
PT-2026-28682
A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The attack can be launch...
CVE-2026-24031
Dovecot SQL based authentication can be bypassed when authusernamechars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear authusernamechars. If this is not possible, install latest fixed version. No publicly available exploits...
PT-2026-28626
Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.81.0 Description Fleet is open source device management software susceptible to a second-order SQL injection in its Apple MDM profile delivery pipeline. An attacker possessing a valid MDM enrollment certificate could...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-30533
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manageproduct.php file via the "id" parameter...
CVE-2026-30531
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecategory action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious S...
CVE-2026-30529
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the saveuser action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious S...
SourceCodester Online Food Ordering System 安全漏洞
The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the saveuser operation in the Actions.php file,...
PT-2026-28404
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the save category action. The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious...
Code-Projects Simple Laundry System SQL注入漏洞
Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a SQL...
PT-2026-28406
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage product.php file via the "id" parameter...
CVE-2026-30534
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/managecategory.php via the "id" parameter...
CVE-2026-30530
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file specifically the savecustomer action. The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL command...
CVE-2026-30529
CVE-2026-30529 affects SourceCodester Online Food Ordering System v1.0, specifically in Actions.php (save_user action). The vulnerability arises from improper sanitization of the username parameter, enabling an authenticated attacker to inject malicious SQL commands. Connected sources confirm the...
CVE-2026-30532
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/viewproduct.php file via the "id" parameter...
Shenzhen Ruiming Streamax Crocus SQL注入漏洞
Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming Corporation. Version 1.3.44 of Shenzhen Ruiming Streamax Crocus contains an SQL injection vulnerability. This vulnerability arises from improper handling of the VehicleID parameter in the...
PT-2026-28528
Name of the Vulnerable Software and Affected Versions Group-Office versions prior to 6.8.158 Group-Office versions prior to 25.0.92 Group-Office versions prior to 26.0.17 Description Group-Office is an enterprise customer relationship management and groupware tool. An authenticated SQL Injection...
PT-2026-28692
Name of the Vulnerable Software and Affected Versions itsourcecode Free Hotel Reservation System version 1.0 Description A flaw exists in itsourcecode Free Hotel Reservation System version 1.0 that may allow for SQL injection. The issue is located in the file /admin/mod room/index.php?view=edit...