CVE-2026-48114

Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert builds an INSERT against HARVESTSITESCHEDULE via string...

CVE-2026-48114 Metacat has an unauthenticated SQL injection vulnerability

Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert builds an INSERT against HARVESTSITESCHEDULE via string...

CVE-2026-50636

The RemoteControl API methods inviteparticipants and remindparticipants pass a caller-supplied token-ID array into TokenDynamic::findUninvited, which concatenates the values directly into a tid IN '...' SQL clause without parameterization or input validation. A remote, authenticated attacker...

CVE-2026-50636

CVE-2026-50636 affects LimeSurvey’s RemoteControl API, specifically the invite_participants and remind_participants methods. The root cause is that caller-supplied token-ID arrays are concatenated directly into a tid IN ('...') clause in TokenDynamic::findUninvited() without parameterization or i...

CVE-2026-50636 LimeSurvey RemoteControl invite_participants/remind_participants SQL Injection

The RemoteControl API methods inviteparticipants and remindparticipants pass a caller-supplied token-ID array into TokenDynamic::findUninvited, which concatenates the values directly into a tid IN '...' SQL clause without parameterization or input validation. A remote, authenticated attacker...

CVE-2026-50636 LimeSurvey RemoteControl invite_participants/remind_participants SQL Injection

The RemoteControl API methods inviteparticipants and remindparticipants pass a caller-supplied token-ID array into TokenDynamic::findUninvited, which concatenates the values directly into a tid IN '...' SQL clause without parameterization or input validation. A remote, authenticated attacker...

EUVD-2026-35770

The RemoteControl API methods inviteparticipants and remindparticipants pass a caller-supplied token-ID array into TokenDynamic::findUninvited, which concatenates the values directly into a tid IN '...' SQL clause without parameterization or input validation. A remote, authenticated attacker...

PT-2026-48153

The RemoteControl API methods invite participants and remind participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited, which concatenates the values directly into a tid IN '...' SQL clause without parameterization or input validation. A remote, authenticated attacker...

CVE-2018-25371

The CVE-2018-25371 entry concerns mooSocial Store Plugin 2.6 with a blind SQL injection in the product parameter of the URL rewrite functionality. The vulnerability allows unauthenticated attackers to manipulate queries, enabling boolean-based blind, time-based blind, or stacked query techniques ...

Exploit for CVE-2026-42167

ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...

CVE-2026-40900 DataEase has SQL Injection via Stacked Queries

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplied SQL is wrapped in a subquery without validation that the input is a single SELECT statement...

CVE-2026-40900

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplied SQL is wrapped in a subquery without validation that the input is a single SELECT statement...

CVE-2026-40900 DataEase has SQL Injection via Stacked Queries

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplied SQL is wrapped in a subquery without validation that the input is a single SELECT statement...

CVE-2026-40900

DataEase prior to 2.10.21 contains an SQL injection in the /de2api/datasetData/previewSql endpoint. User-supplied SQL is wrapped in a subquery without validating that the input is a single SELECT. Coupled with a JDBC blocklist bypass enabling allowMultiQueries=true, an attacker can break out of t...

PT-2026-33363

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.21 Description An issue exists in the '/de2api/datasetData/previewSql' endpoint where user-supplied SQL is wrapped in a subquery without validation to ensure the input is a single SELECT statement. By utilizing ...

CVE-2019-25713 MyT-PM 1.5.1 SQL Injection via Charge[group_total] Parameter

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

PT-2026-32175

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegroup total parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blin...

PT-2026-29592

Hi.Events is an open-source event management and ticket selling platform. From version 0.8.0-beta.1 to before version 1.7.1-beta, multiple repository classes pass the user-supplied sort by query parameter directly to Eloquent's orderBy without validation, enabling SQL injection. The application...

Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database

Summary A critical second-order SQL Injection vulnerability in Fleet's Apple MDM profile delivery pipeline could allow an attacker with a valid MDM enrollment certificate to exfiltrate or modify the contents of the Fleet database, including user credentials, API tokens, and device enrollment...

EUVD-2018-21663

SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id' parameter in the signIn endpoint. Attackers can submit POST requests with boolean-based blind, stacked queries, or time-based blind SQL injection payloa...