4 matches found
CVE-2026-33122 DataEase has SQL Injection via Datasource Management
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource update process. When a new table definition is added during a datasource update via /de2api/datasource/update, the deTableName field from th...
WordPress plugin Premmerce Wholesale Pricing for WooCommerce SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...
PT-2022-25964 · WordPress · Contest Gallery Pro +1
Name of the Vulnerable Software and Affected Versions: Contest Gallery WordPress plugin versions prior to 19.1.5.1 Contest Gallery Pro WordPress plugin versions prior to 19.1.5.1 Description: The issue allows malicious users with at least author privilege to leak sensitive information from the...
TeamPass SQL Injection Vulnerability (CNVD-2016-04930)
TeamPass is a dedicated password manager for Apache, MySQL and PHP. TeamPass has a SQL injection vulnerability in sources/items.series.php. In a "sendemail" request, when the condition "$POST'cat' == "sharethisitem"" is successful, the POST parameter "id" is unescaped, which can lead to SQL...