233691 matches found
EUVD-2026-33515
A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...
CVE-2026-10193
CVE-2026-10193 affects OFCMS up to version 1.1.3. The vulnerable element is the Query function in file at com/ofsoft/cms/admin/controller/ComnController.java (ComnController). An attacker can manipulate the argument system.user.query to trigger SQL injection. The exploit is capable of remote init...
CVE-2026-10193 OFCMS ComnController ComnController.java query sql injection
A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...
CVE-2026-10193 OFCMS ComnController ComnController.java query sql injection
A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component ComnController. Performing a manipulation of the argument system.user.query results in sq...
Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple
CVE-2019-9053 — Unauthenticated SQL Injection in CMS Made Simp...
CVE-2026-10185
A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-10184
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-10186
Code-projects Online Hospital Management System 1.0 contains an SQL injection vulnerability in the /patient.php endpoint, triggered by manipulating the editid parameter. The flaw allows remote exploitation and has publicly disclosed exploit details. Multiple CVSS metrics across versions (e.g., CV...
CVE-2026-10186 code-projects Online Hospital Management System patient.php sql injection
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...
EUVD-2026-33508
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...
CVE-2026-10186 code-projects Online Hospital Management System patient.php sql injection
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...
CVE-2026-10186
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remotely. The exploit...
CVE-2026-10185 SourceCodester Hospitals Patient Records Management System Users.php save sql injection
A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-10185 SourceCodester Hospitals Patient Records Management System Users.php save sql injection
A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-10184
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-10184 SourceCodester Hospitals Patient Records Management System Users.php delete sql injection
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been...
CVE-2026-10184
The CVE affects SourceCodester Hospitals Patient Records Management System 1.0. The vulnerability resides in /classes/Users.php?f=delete where manipulating the ID parameter causes a SQL injection. It can be exploited remotely and an exploit has been released publicly. No remediation or versioned ...
CVE-2026-49489
OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...
[SECURITY] [DSA 6312-1] symfony security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6312-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 31, 2026 https://www.debian.org/security/faq -...
CVE-2026-49490
OpenCATS (version 0.9.1a) contains an SQL injection in DataGrid filter handling for the Tags column in the Candidates DataGrid. The vulnerability can be exploited by authenticated attackers who manipulate filter requests to bypass column filter restrictions and execute arbitrary SQL queries again...