5736 matches found
PT-2025-35788
Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.30 Description: The Chamilo LMS system has an issue due to inadequate validation of XML object sequences. Successful exploitation could allow a remote attacker to execute arbitrary SQL queries. The application...
WordPress plugin Advanced WooCommerce Product Sales Reporting SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One SQL Injection Vulnerability
WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Ai Auto Tool Content Writing Assistant Gemini...
The vulnerability of the itc_sample_row_check component in the Virtuoso-OpenSource web application development platform allows a hacker to trigger a service failure.
The vulnerability of the itc_sample_row_check component in the Virtuoso-OpenSource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability allows an attacker to cause service interruptions by sending speciall...
The vulnerability of the qst_vec_set component in the virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the qst_vec_set component in the virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...
The vulnerability of the dfe_unit_gb_dependant component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the dfe_unit_gb_dependant component in the virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability allows an attacker to cause service interruptions by sending special...
The vulnerability of the sqlo_expand_jts component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the sqlo_expand_jts component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...
The vulnerability of the itc_set_param_row component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the itc_set_param_row component in the Virtuoso-OpenSource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially...
The vulnerability of the row_insert_cast component in the virtuoso-opensource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the row_insert_cast component in the virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted...
The vulnerability of the sql_tree_hash_1 component in the Virtuoso-OpenSource web application development platform allows an attacker to trigger a service failure.
The vulnerability of the sql_tree_hash_1 component in the Virtuoso-opensource web application development platform is related to improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending specially...
WordPress Slider by BestWebSoft plugin <= 1.1.0 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by domiee13 in WordPress Plugin Slider by BestWebSoft versions <= 1.1.0...
Bank Locker Management System profile.php file SQL Injection Vulnerability
Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the profile.php file's parameter mobilenumber. An attacker can exploit this...
Bank Locker Management System changeidproof.php File SQL Injection Vulnerability
Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the editid parameter of the changeidproof.php file. An attacker can exploit thi...
WordPress JS Help Desk plugin <= 2.9.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin JS Help Desk versions <= 2.9.2...
Bank Locker Management System search-locker-details.php File SQL Injection Vulnerability
Bank Locker Management System is a bank locker management system. Bank Locker Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally-entered SQL statements in the searchinput parameter of /search-locker-details.php. An attacker can exploi...
WeGIA SQL Injection Vulnerability
WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that stems from a lack of validation of the idfuncionario parameter against externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...
PT-2025-13083 · Unknown · Vimeotheque
Name of the Vulnerable Software and Affected Versions: Constantin Boiangiu Vimeotheque versions n/a through 2.3.4.2 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
Vulnerability of the Premium Package: Selling Digital Products securely through the WordPress content management system. This vulnerability is related to the lack of measures taken to protect the SQL query structure, allowing attackers to execute arbitrary SQL code.
The vulnerability of the Premium Package plugin – enabling secure sales of digital products through a WordPress website’s content management system – is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely t...
PHPGurukul Old Age Home Management System Injection Vulnerability
PHPGurukul Old Age Home Management System is a nursing home management system from PHPGurukul. An injection vulnerability exists in PHPGurukul Old Age Home Management System version 1.0, which originates from an SQL injection in the /admin/bwdates-report-details.php file, which may be attacked...
The vulnerability of the VMmanager 6 virtualization tool, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary SQL queries against the database.
The vulnerability of VMmanager 6’s virtualization mechanism is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...