Lucene search
K

216733 matches found

CVE
CVE
added 2026/03/25 4:14 p.m.6 views

CVE-2026-25007

ElementInvader Addons for Elementor (WordPress plugin) up to version 1.4.2 contains an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands, allowing blind SQL injection. Affected versions are n/a through 1.4.2. The vulnerability is described consistently...

8.5CVSS5.9AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.7 views

CVE-2026-24977

The connected document confirms an authenticated SQL injection in Organici Library (noo-organici-library) up to version 2.1.2, caused by an input handling flaw that enables blind SQL injection with high impact on confidentiality and availability (per CVSS v3.1: 8.5). It also notes that this Organ...

8.5CVSS5.9AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.24 views

CVE-2026-24977 WordPress Organici Library plugin <= 2.1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NooTheme Organici Library noo-organici-library allows Blind SQL Injection.This issue affects Organici Library: from n/a through = 2.1.2...

8.5CVSS0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-22484 WordPress Lisfinity Core plugin <= 1.5.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in pebas Lisfinity Core lisfinity-core allows SQL Injection.This issue affects Lisfinity Core: from n/a through = 1.5.0...

9.3CVSS5.9AI score0.00383EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:4 p.m.15 views

CVE-2024-58341

OpenCart Core 4.0.2.3 contains a SQL injection vulnerability in the product search endpoint, exploitable by unauthenticated attackers via the query parameter 'search'. Attackers can submit crafted GET requests to perform boolean-based blind or time-based blind SQL injection to extract sensitive d...

8.8CVSS6AI score0.00338EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/25 4:4 p.m.21 views

CVE-2024-58341 OpenCart Core 4.0.2.3 SQL Injection via search Parameter

OpenCart Core 4.0.2.3 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'search' parameter. Attackers can send GET requests to the product search endpoint with malicious 'search' values to extract sensitiv...

8.8CVSS0.00338EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/25 3:31 p.m.2 views

EUVD-2026-15415

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/25 3:8 p.m.136 views

web-app-security-owasp-zap

🔐 Web Application Security Testing with OWASP ZAP Author:...

5.9AI score
Exploits0
NVD
NVD
added 2026/03/25 2:16 p.m.6 views

CVE-2026-4815

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.8CVSS0.00244EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 1:31 p.m.3 views

CVE-2026-4815

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/25 1:31 p.m.21 views

CVE-2026-4815 SQL Injection vulnerability in Support Board

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS0.00244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 1:31 p.m.2 views

CVE-2026-4815 SQL Injection vulnerability in Support Board

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/25 12:11 p.m.6 views

WordPress Amelia plugin <= 2.1.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Amelia versions = 2.1.1...

7.6CVSS5.9AI score0.00271EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/25 7:6 a.m.5 views

WordPress Download Monitor plugin <= 5.1.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Download Monitor versions = 5.1.8...

7.6CVSS5.9AI score0.00256EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/03/25 3:31 a.m.5 views

EUVD-2026-15183

A vulnerability was found in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /checkcheckout.php of the component Parameter Handler. The manipulation of the argument serviceId results in sql injection. It is possible to launch the attack remotely. The exploit...

7.5CVSS5.6AI score0.00333EPSS
Exploits1References6
NVD
NVD
added 2026/03/25 2:16 a.m.5 views

CVE-2026-4784

A vulnerability was found in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /checkcheckout.php of the component Parameter Handler. The manipulation of the argument serviceId results in sql injection. It is possible to launch the attack remotely. The exploit...

9.8CVSS0.00333EPSS
Exploits1References5
NVD
NVD
added 2026/03/25 1:17 a.m.5 views

CVE-2026-4783

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

6.5CVSS0.00196EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/25 1:9 a.m.2 views

CVE-2026-4784

A vulnerability was found in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /checkcheckout.php of the component Parameter Handler. The manipulation of the argument serviceId results in sql injection. It is possible to launch the attack remotely. The exploit...

7.5CVSS6.7AI score0.00333EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/25 1:9 a.m.3 views

CVE-2026-4784 code-projects Simple Laundry System Parameter checkcheckout.php sql injection

A vulnerability was found in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /checkcheckout.php of the component Parameter Handler. The manipulation of the argument serviceId results in sql injection. It is possible to launch the attack remotely. The exploit...

7.5CVSS6.7AI score0.00333EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/25 12:32 a.m.5 views

CVE-2026-4783 itsourcecode College Management System Parameter add-single-student-results.php sql injection

A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter Handler. The manipulation of the argument coursecode leads to sql injection. It is possible to...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5
Rows per page
Query Builder