6209 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-27470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a...
CVE-2025-69310
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Woodly Core woodly-core allows Blind SQL Injection. This issue affects Woodly Core: from n/a through <= 1.4...
CVE-2025-69365 WordPress Uroan Core plugin <= 1.4.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Uroan Core uroan-core allows Blind SQL Injection. This issue affects Uroan Core: from n/a through <= 1.4.4...
CVE-2025-69309
CVE-2025-69309 affects WordPress plugin Saasplate Core (saasplate-core) up to and including version 1.2.8, due to improper neutralization of special elements in SQL queries, enabling Blind SQL Injection. Affected versions range from n/a through 1.2.8; Red Hat and CVE listings corroborate this sco...
CVE-2026-25378
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection. This issue affects Nelio AB Testing: from n/a through <= 8.2.4...
CVE-2025-10970
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kolay Software Inc. Talentics allows Blind SQL Injection. This issue affects Talentics: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2026-2822
A security vulnerability has been detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file /jeecgboot/sys/dict/loadDict/airagapp,1,createby of the component Backend Interface. Such manipulation of the argument keyword leads to SQL injection. The attack can be...
CVE-2026-2821
A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes SQL injection. Remote exploitation of the attack is possible. The...
Yinda Yunchuang Smart Integrated Management Platform System SQL injection vulnerability
Yinda Yunchuang Smart Integrated Management Platform System is a smart management system developed by Yinda Yunchuang. Versions of the Yinda Yunchuang Smart Integrated Management Platform System prior to 7.5 contained a SQL injection vulnerability. This vulnerability stemmed from incorrect...
WordPress plugin Coven Core SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. WordPress...
PT-2026-21135
Name of the Vulnerable Software and Affected Versions: TeconceTheme Nestbyte Core versions through 1.2. Description: A flaw exists in TeconceTheme Nestbyte Core that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issue could potentially...
Part-DB SQL injection vulnerability
Part-DB is an open-source web-based database designed for managing electronic components. Version 0.4 of Part-DB contains a SQL injection vulnerability. This vulnerability stems from SQL injection attacks on authentication parameters, which could allow unverified attackers to bypass authenticatio...
PT-2026-21137
Name of the Vulnerable Software and Affected Versions: TeconceTheme Woodly Core versions through 1.4. Description: A flaw exists in TeconceTheme Woodly Core that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issue could potentially all...
PT-2026-21009
Name of the Vulnerable Software and Affected Versions: Talentics versions through 20022026. Description: A flaw exists in Talentics that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. The vendor was contacted regarding this issue but did not...
PT-2026-21147
Name of the Vulnerable Software and Affected Versions: TeconceTheme Uroan Core versions through 1.4.4. Description: A flaw exists in TeconceTheme Uroan Core that allows for Blind SQL Injection. This is due to improper neutralization of special elements used in an SQL command. Recommendations: Update...
PT-2026-21136
Name of the Vulnerable Software and Affected Versions: TeconceTheme Saasplate Core versions through 1.2.8. Description: A flaw exists in TeconceTheme Saasplate Core saasplate-core that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issu...
PT-2026-21133
Name of the Vulnerable Software and Affected Versions: TeconceTheme Electio Core versions through 1.4. Description: The software contains a flaw due to improper neutralization of special elements used in an SQL command, leading to a Blind SQL Injection condition. This allows for potential unauthoriz...
CVE-2026-1581
The wpForo Forum plugin for WordPress is vulnerable to time-based SQL Injection via the 'wpfob' parameter in all versions up to, and including, 2.4.14 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
CVE-2025-15560
An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...