NetSupport Manager 安全漏洞

NetSupport Manager is a remote control software from NetSupport Manager, Inc. A security vulnerability exists in NetSupport Manager versions prior to 14.12.0001, which stems from an unauthenticated SQL injection in Connectivity Server/Gateway HTTPS request processing, which could lead to the...

CVE-2025-10738

CVE-2025-10738 concerns the WordPress URL Shortener Plugin for WordPress. The initial description notes an Unauthenticated SQL Injection via the parameter ‘analytic_id’ in all versions up to and including 3.0.7, due to insufficient escaping and preparation of the SQL query. Connected documents (W...

PT-2025-50761

Name of the Vulnerable Software and Affected Versions xbtitFM version 4.1.18 Description The software contains an unauthenticated SQL injection issue. Remote attackers can manipulate database queries by injecting malicious SQL code through the msgid parameter. Crafted requests sent to the...

CVE-2025-32786 GLPI Inventory Plugin is Vulnerable to Unauthenticated SQL Injection

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...

EUVD-2025-37502

An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras through the Group parameter in the /uapi-cgi/viewer/Param.cgi script. This has been confirmed on the EFD-2130 camera running firmware version 1.12.0.19...

Exploit for Improper Validation of Certificate with Host Mismatch in Fortinet Fortiproxy

watchTowr-vs-FortiWeb-CVE-2025-25257 Detection Artifact Gener...

CVE-2025-9322

CVE-2025-9322 : WordPress plugin Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions (up to and including 8.3.1) is vulnerable to unauthenticated SQL Injection via the wpfs-form-name parameter. The issue arises from insufficient escaping of the user-suppli...

📄 Log2Space Subscriber Management Software 1.1 SQL Injection

Log2Space Subscriber Management Software version 1.1 suffers from an unauthenticated remote SQL injection vulnerability. Author: Aditya Patil [email protected] Rohan Patil [email protected] CVE-2025-56450 Unauthenticated SQL Injection in Log2Space Subscriber Management Software...

EUVD-2020-2834

Malware in sbrugna...

EUVD-2023-53564

Malicious code in bioql PyPI...

EUVD-2023-49641

Malicious code in bioql PyPI...

EUVD-2023-53583

Malicious code in bioql PyPI...

EUVD-2023-54340

Malicious code in bioql PyPI...

EUVD-2023-55595

Malicious code in bioql PyPI...

EUVD-2023-52752

Malicious code in bioql PyPI...

EUVD-2023-50868

Malicious code in bioql PyPI...

EUVD-2023-50960

Malicious code in bioql PyPI...

EUVD-2022-24609

Malicious code in bioql PyPI...

CVE-2025-56162

YOSHOP 2.0 suffers from an unauthenticated SQL injection in the goodsIds parameter of the /api/goods/listByIds endpoint. The getListByIds function concatenates user input into orderRaw'fieldgoodsid, ...', allowing attackers to: a enumerate or modify database data, including dumping admin password...

CVE-2025-59814 Unauthenticated SQL-injection in password field

This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database...