CVE-2026-9848 WP Ticket <= 6.0.4 - Unauthenticated SQL Injection via WordPress Search 's' Parameter

The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter s in versions up to, and including, 6.0.4 The plugin hooks WordPress's postsrequest filter with wpticketcompostsrequest, which calls emdauthorsearchresults when the current request is an...

CVE-2018-25410

SIM-PKH 2.4.1 contains an SQL injection in admin/media.php via the id parameter. In the affected flow, an authenticated attacker can craft GET requests with module=pengurus and act=editpengurus to inject SQL UNION statements, enabling extraction of database information (usernames, database names,...

EUVD-2019-19899

Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to...

📄 Easy Hosting Control Panel 20.04.1.b SQL Injection

Easy Hosting Control Panel version 20.04.1.b suffers from a remote SQL injection vulnerability in the listdomains function via the arananalan POST parameter. Title: Easy Hosting Control Panel EHCP 20.04.1.b - SQL Injection in the listdomains function via the arananalan POST parameter Description:...

Exploit for SQL Injection in Dimdavid File_Provider

CVE-2025-4578 File Provider = 5.0.12 time-based blind - Parame...

📄 Campcodes Online Hospital Management System 1.0 SQL Injection

Campcodes Online Hospital Management System version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: Campcodes Online Hospital Management System 1.0 - SQL Injection Google Dork: N/A Exploit Author: Carine Constantino Vendor Homepage: https://www.campcodes.com Software Link:...

Exploit for CVE-2024-2387

CVE-2024-2387 Advanced Form Integration – Connect WooCommerce...

Exploit for SQL Injection in Eniture Ltl_Freight_Quotes

CVE-2024-13483 LTL Freight Quotes – SAIA Edition = 5.6 AND err...

Exploit for SQL Injection in Eniture Ltl_Freight_Quotes

CVE-2024-13485 LTL Freight Quotes – ABF Freight Edition = 5.6...

Exploit for SQL Injection in Enituretechnology Ltl_Freight_Quotes

CVE-2024-13488 LTL Freight Quotes – Estes Edition = 5.6 AND er...

Exploit for CVE-2024-12025

CVE-2024-12025 Collapsing Categories = 5.0 AND error-based - W...

AccPack Cop CMS 1.0 SQL Injection

============================================================================================================================================= | Title : AccPack Cop CMS v1.0 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64...

Xhibiter NFT Marketplace 1.10.2 - SQL Injection Vulnerability

Exploit Title: xhibiter nft marketplace SQLI Google Dork: intitle:"View - Browse, create, buy, sell, and auction NFTs" Exploit Author: Sohel yousef - https://www.linkedin.com/in/sohel-yousef-50a905189/ Vendor Homepage: https://elements.envato.com/xhibiter-nft-marketplace-html-template-AQN45FA...

Xhibiter NFT Marketplace 1.10.2 SQL Injection

Exploit Title: xhibiter nft marketplace SQLI Google Dork: intitle:"View - Browse, create, buy, sell, and auction NFTs" Date: 29/06/204 Exploit Author: Sohel yousef - https://www.linkedin.com/in/sohel-yousef-50a905189/ Vendor Homepage:...

UP-RESULT 0.1 2024 SQL Injection Vulnerability

Title: upresult0.1-2024 Multiple-SQLi Author: nu11secur1ty Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference: https://portswigger.net/web-security/sql-injection...

UP-RESULT 0.1 2024 SQL Injection

Title: upresult0.1-2024 Multiple-SQLi Author: nu11secur1ty Date: 04/08/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference:...

Computer Laboratory Management System v1.0 - Multiple-SQLi

Title: Computer Laboratory Management System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 03/28/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlcomment-104400 Reference:...

Simple Student Attendance System v1.0 Time Based Blind & Union Based SQL Injection Vulnerability

Exploit Title: Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/17018/simple-student-attendance-system-using-php-and-mysql.html Software Link...

101 News 1.0 - Multiple-SQLi

Title: 101 News-1.0 Multiple-SQLi Author: nu11secur1ty Date: 09/16/2023 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/16067/best-online-news-portal-project-php-free-download.html Reference: https://portswigger.net/web-security/sql-injection Description: The searchtitle...

Travel 1.0 SQL Injection

Title: travel-1.0-by-oretnom23 Multiple-SQLi Author: nu11secur1ty Date: 11/12/2023 Vendor: https://github.com/oretnom23 Software: https://github.com/oretnom23/php-travel-agency-system Reference: https://portswigger.net/web-security/sql-injection Description: The search parameter appears to be...