EUVD-2026-22255

SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/managerent.php...

EUVD-2026-22256

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...

sql-xss

No d...

CVE-2026-4352

The CVE-2026-4352 entry affects the WordPress JetEngine plugin (versions ≤ 3.8.6.1). The vulnerability is an unauthenticated SQL Injection in the CCT REST API search endpoint via the _cct_search parameter, which is interpolated into a SQL string using sprintf() without sanitization or $wpdb->p...

EUVD-2026-22154

Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of th...

CVE-2026-27681

CVE-2026-27681 is an SQL injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse caused by insufficient authorization checks. An authenticated user can submit crafted SQL statements to read, modify, and delete data, affecting confidentiality, integrity, and a...

CVE-2026-37595

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/manageemployee.php...

PT-2026-32835

Name of the Vulnerable Software and Affected Versions SQL Server affected versions not specified Description Improper neutralization of special elements used in an sql command SQL injection allows an authorized attacker to elevate privileges locally. SQL injection is a technique where an attacker...

SAP Business Planning and Consolidation和SAP Business Warehouse SQL注入漏洞

SAP Business Planning and Consolidation, as well as SAP Business Warehouse, are products of the German company SAP. SAP Business Planning and Consolidation is a business planning and integration software. This software provides features for budget preparation, forecasting, and financial...

SourceCodester Patient Appointment Scheduler System 安全漏洞

The SourceCodester Patient Appointment Scheduler System is an open-source system developed by SourceCodester. Version 1.0 of the SourceCodester Patient Appointment Scheduler System contains a security vulnerability. This vulnerability stems from an SQL injection issue in the file...

PT-2026-32653

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4,...

PraisonAI 安全漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.133 contained security vulnerabilities, which were caused by SQL identifier injections in the SQLiteConversationStore. These vulnerabilities could lead to unauthorized data...

SourceCodester Patient Appointment Scheduler 安全漏洞

SourceCodester Patient Appointment Scheduler is an open-source patient appointment scheduling tool developed by SourceCodester. Version 1.0 of the SourceCodester Patient Appointment Scheduler contains a security vulnerability. This vulnerability stems from an SQL injection vulnerability in the fi...

PT-2026-32632

CVE-2026-37591 Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view details.php. https://t.co/zFz4555XYZ...

EUVD-2026-22004

Sourcecodester Online Thesis Archiving System v1.0 is vulnerale to SQL injection in the file /otas/viewarchive.php...

simple-ids

Simple IDS - Intrusion Detection System !License: MIThttp...

CVE-2026-6188

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=deletesales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and...

EUVD-2026-21922

Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/viewcategory.php...

EUVD-2026-21876

A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/Logincheck.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been made...

EUVD-2026-21874

A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument cat leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly...