Lucene search
K

2762 matches found

CVE
CVE
added 2026/04/14 12:0 a.m.7 views

CVE-2025-65135

CVE-2025-65135 affects manikandan580 School-management-system 1.0. The issue is a time-based blind SQL injection in /studentms/admin/between-date-reprtsdetails.php exploitable via the fromdate POST parameter. According to the data, the vulnerability has CVSS v3.1: Critical (Base Score 9.8) with n...

9.8CVSS5.9AI score0.00285EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.6 views

Chamilo SQL注入漏洞

Chamilo is an open-source learning management system developed by Chamilo. Version Chamilo 2.0.0-RC.2 contains a SQL injection vulnerability. This vulnerability stems from SQL injection issues with the statistical AJAX endpoints. It may allow authenticated administrators to execute time-based bli...

7.2CVSS6.1AI score0.00258EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.7 views

CVE-2026-4116

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication...

7.2CVSS5.8AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 7:25 p.m.4 views

CVE-2026-4114

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication...

6.6CVSS5.8AI score0.00597EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/13 8:52 a.m.10 views

WordPress WCAPF - WooCommerce Ajax Product Filter plugin <= 4.2.3 - Unauthenticated Time-Based SQL Injection vulnerability

WordPress WCAPF - WooCommerce Ajax Product Filter plugin = 4.2.3 - Unauthenticated Time-Based SQL Injection vulnerability discovered by Youssef Elouaer in WordPress Plugin WCAPF – WooCommerce Ajax Product Filter versions = 4.2.3...

7.5CVSS6AI score0.01473EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/04/13 12:32 a.m.85 views

blind-sqli-lab

🔬 Blind SQL Injection Lab — Time-Based PostgreSQL + FastAPI...

6AI score
Exploits0
Packet Storm
Packet Storm
added 2026/04/13 12:0 a.m.106 views

📄 OpenSTAManager 2.9.8 SQL Injection

OpenSTAManager versions 2.9.8 and below suffer from a remote time-based SQL injection vulnerability in the Article Pricing module. CVE-2026-24416: OpenSTAManager has a Time-Based Blind SQL Injection in Article Pricing Module Overview | Field | Details | |---|---| | CVE ID | CVE-2026-24416 | |...

8.7CVSS5.9AI score0.00366EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/04/13 12:0 a.m.176 views

📄 OpenSTAManager 2.9.8 SQL Injection / Denial of Service

OpenSTAManager versions 2.9.8 and below suffer from a remote time-based SQL injection vulnerability in the search functionality that can lead to a denial of service condition. CVE-2026-24417: OpenSTAManager has a Time-Based Blind SQL Injection with Amplified Denial of Service Overview | Field |...

8.7CVSS5.9AI score0.00366EPSS
Exploits3
Packet Storm
Packet Storm
added 2026/04/13 12:0 a.m.105 views

📄 ChurchCRM SQL Injection

ChurchCRM versions prior to 6.5.3 suffer from a remote SQL injection vulnerability in ConfirmReportEmail.php. CVE-2025-68400: ChurchCRM vulnerable to time-based blind SQL Injection in ConfirmReportEmail.php Overview | Field | Details | |---|---| | CVE ID | CVE-2025-68400 | | Severity | CRITICAL |...

9.3CVSS5.9AI score0.00323EPSS
Exploits3
EUVD
EUVD
added 2026/04/12 3:30 p.m.5 views

EUVD-2019-20134

ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attackers can send POST requests to the admin.php endpoint with malicious 'bid' values containing SQL...

7.1CVSS6AI score0.00342EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/12 3:30 p.m.6 views

EUVD-2019-20132

Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and boolean-based injection techniques. Attackers can inject malicious SQL code through the search...

7.1CVSS5.9AI score0.00317EPSS
Exploits1References5
NVD
NVD
added 2026/04/12 1:16 p.m.4 views

CVE-2019-25703

ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attackers can send POST requests to the admin.php endpoint with malicious 'bid' values containing SQL...

8.8CVSS0.00342EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/12 12:28 p.m.3 views

CVE-2019-25713 MyT-PM 1.5.1 SQL Injection via Charge[group_total] Parameter

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

7.1CVSS6.2AI score0.00276EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/12 12:28 p.m.3 views

CVE-2019-25703 ImpressCMS 1.3.11 SQL Injection via bid Parameter

ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attackers can send POST requests to the admin.php endpoint with malicious 'bid' values containing SQL...

7.1CVSS6AI score0.00342EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/12 12:28 p.m.4 views

CVE-2019-25703

ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attackers can send POST requests to the admin.php endpoint with malicious 'bid' values containing SQL...

7.1CVSS6AI score0.00342EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/12 12:28 p.m.29 views

CVE-2019-25703 ImpressCMS 1.3.11 SQL Injection via bid Parameter

ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'bid' parameter. Attackers can send POST requests to the admin.php endpoint with malicious 'bid' values containing SQL...

7.1CVSS0.00342EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/12 12:28 p.m.3 views

CVE-2019-25699 Newsbull Haber Script 1.0.0 Authenticated SQL Injection via search parameter

Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and boolean-based injection techniques. Attackers can inject malicious SQL code through the search...

7.1CVSS5.9AI score0.00317EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/12 12:28 p.m.34 views

CVE-2019-25699 Newsbull Haber Script 1.0.0 Authenticated SQL Injection via search parameter

Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and boolean-based injection techniques. Attackers can inject malicious SQL code through the search...

7.1CVSS0.00317EPSS
Exploits1References4
CVE
CVE
added 2026/04/12 12:28 p.m.8 views

CVE-2019-25699

Newsbull Haber Script 1.0.0 is affected by multiple SQL injection vulnerabilities in the search parameter, enabling authenticated attackers to extract database information via time-based, blind, and boolean-based techniques. The issues can be triggered through the search parameter in endpoints su...

7.1CVSS5.9AI score0.00317EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/12 12:28 p.m.6 views

CVE-2019-25699

Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and boolean-based injection techniques. Attackers can inject malicious SQL code through the search...

7.1CVSS5.9AI score0.00317EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder