Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed vulnerabilities in SQL Server. The vulnerabilities are related to improper access management and SQL injection, which allows authorized attackers to escalate privileges within a network. This can lead to unauthorized access and manipulation of sensitive data. The vulnerabiliti...

CVE-2025-8806

A vulnerability was found in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. It has been classified as critical. This affects an unknown part of the file /adpweb/a/sys/office/treeData. The manipulation of the argument extId leads to sql injection. It is possible to initiate...

CVE-2025-50466

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query...

PT-2025-32483 · Code Projects · Online Medicine Guide

Name of the Vulnerable Software and Affected Versions: code-projects Online Medicine Guide version 1.0 Description: A critical vulnerability exists in code-projects Online Medicine Guide 1.0. The vulnerability is a SQL injection that occurs due to the manipulation of the del argument in the...

CVE-2025-8704 Wanzhou WOES Intelligent Optimization Energy Saving System Analysis Conclusion Query Module GetAlarmResultProcessList sql injection

A vulnerability, which was classified as critical, has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This issue affects some unknown processing of the file /WEASAlarmResult/GetAlarmResultProcessList of the component Analysis Conclusion Query Module. The manipulatio...

CVE-2025-50466

OpenMetadata =1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query...

Vehicle Management /filter3.php File SQL Injection Vulnerability

Vehicle Management is a vehicle management system. Vehicle Management suffers from an SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the parameter company in file /filter3.php. An attacker can exploit this vulnerability to execute illega...

CVE-2025-8408

A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /filter1.php. The manipulation of the argument vehicle leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-8163

A vulnerability, which was classified as critical, was found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/role/list. The manipulation of the argument paramsdataScope leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-8135

A vulnerability, which was classified as critical, has been found in itsourcecode Insurance Management System 1.0. This issue affects some unknown processing of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack may be initiated remotely. The...

Crime Reporting System userlogin.php File SQL Injection Vulnerability

Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /userlogin.php. An attacker can exploit this vulnerability to...

Exploit for CVE-2026-2058

CLOUD-CLASSROOMS-php-1.0 PoC - Sql Injection Erro Based Prese...

Modern Bag slideupdate.php File SQL Injection Vulnerability

Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter idSlide in file /admin/slideupdate.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illeg...

Code-Projects Patient Record Management System 注入漏洞

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from improper handling of the parameter itrno in the file /xrayform.php, which can be exploited by an attacker to bypass authenticati...

CVE-2025-7581

A vulnerability, which was classified as critical, has been found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/positionsedit.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The...

Code-Projects AVL Rooms 安全漏洞

Code-Projects AVL Rooms is an AVL room system from Code-Projects open source. A security vulnerability exists in Code-Projects AVL Rooms version 1.0, which stems from a SQL injection due to incorrect manipulation of the parameter city in the file /city.php...

PHPGurukul Online Fire Reporting System 安全漏洞

Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter teamid in the file /admin/new-requests.php. An attacker ca...

SEMCMS 安全漏洞

SEMCMS is SEMCMS open source content management system CMS for foreign trade websites that supports multiple languages. A security vulnerability exists in SEMCMS v5.0, which originates from SQL injection of the lgid parameter in SEMCMSProducts.php...

VulnCheck KEV: CVE-2022-38627

Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter...

CVE-2025-7157

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...