CVE-2026-0584

A weakness has been identified in code-projects Online Product Reservation System 1.0. This issue affects some unknown processing of the file app/products/leftcart.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVE-2026-0583

A security flaw has been discovered in code-projects Online Product Reservation System 1.0. This vulnerability affects unknown code of the file app/user/login.php of the component User Login. The manipulation of the argument emailadd results in sql injection. The attack may be launched remotely...

CVE-2026-0582

A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown part of the file /admin/editactivityquery.php. The manipulation of the argument Title leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be...

CVE-2025-15238 Quanta Computer｜QOCA aim AI Medical Cloud Platform - SQL Injection

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

EUVD-2026-0905

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

EUVD-2026-0918

A vulnerability was identified in sfturing hosporder up to 627f426331da8086ce8fff2017d65b1ddef384f8. Affected by this vulnerability is the function findOrderHosNum of the file /ssmpro/orderHos/. Such manipulation of the argument hospitalAddress/hospitalName leads to sql injection. The attack can ...

Code-Projects Online Product Reservation System SQL注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A SQL injection vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which originates from the incorrect operation of the parameter emailadd in the fil...

PT-2026-1226

Name of the Vulnerable Software and Affected Versions QOCA aim AI Medical Cloud Platform affected versions not specified Description The QOCA aim AI Medical Cloud Platform allows authenticated remote attackers to inject arbitrary SQL commands, potentially enabling them to read database contents...

hosporder SQL注入漏洞

hosporder is a hospital appointment registration system by the individual developer Xiaohao.Shi in China. A SQL injection vulnerability exists in hosporder 627f426331da8086ce8fff2017d65b1ddef384f8 and earlier versions, which stems from an incorrect manipulation of the parameter hospitalAddress/...

WordPress plugin Entrada SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL...

PT-2026-1260

Name of the Vulnerable Software and Affected Versions code-projects Online Product Reservation System version 1.0 Description A security issue exists in code-projects Online Product Reservation System 1.0. The issue involves the manipulation of the transaction id argument within the GET Parameter...

CampCodes Supplier Management System SQL注入漏洞

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from incorrect manipulation of the parameter txtRetailerAddress in the file /retailer/editprofile.php,...

FreeBPX < 16.0.92 Multiples Vulnerabilities

According to its self-reported version number, the FreePBOX application running on the remote host is prior to 16.0.92 or 17.x prior to 17.0.6. It is, therefore, affected by multiples vulnerabilities : - An arbitrary file upload vulnerability in the FreePBX Endpoint Management module affecting th...

WordPress plugin Infility Global SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

PT-2026-1289

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 24.04.0 through 24.04.3 Centreon Infra Monitoring versions 24.10.0 through 24.10.3 Centreon Infra Monitoring versions 25.10.0 through 25.10.2 Description A flaw exists in Centreon Infra Monitoring Awie export...

CVE-2025-15446

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different...

CVE-2026-0579

CVE-2026-0579 affects Code-Projects Online Product Reservation System 1.0. A SQL injection exists in the POST Parameter Handler for /handgunner-administrator/edit.php, triggered by manipulating the arguments prod_id, name, price, model, or serial. The vulnerability is exploitable remotely and pub...

EUVD-2026-0776

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-0576

A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. I...

PT-2026-1199

Name of the Vulnerable Software and Affected Versions Seeyon Zhiyuan OA Web Application System versions prior to 20251224 Description A flaw exists in Seeyon Zhiyuan OA Web Application System. The issue involves the manipulation of the unitCode argument within an unknown function of the file...