CVE-2026-26694

code-projects Simple Student Alumni System v1.0 is vulnerale to SQL Injection in /TracerStudy/modalview.php...

CVE-2023-25206

PrestaShop wsproductreviews 3.6.2 is vulnerable to SQL Injection...

CVE-2023-31752

SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employeegatepass/classes/Login.php...

CVE-2023-31707

SEMCMS 1.5 is vulnerable to SQL Injection via AntRponse.php...

CVE-2018-12498

spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider=batch request to admincp.php...

CVE-2018-19510

subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP request header...

CVE-2009-4899

pixelpost 1.7.1 has SQL injection...

CVE-2022-42098

KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php...

CVE-2023-4442

A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been rated as critical. This issue affects some unknown processing of the file \vm\patient\booking-complete.php. The manipulation of the argument userid/apponum/scheduleid leads to sql...

CVE-2013-7346

Cross-site request forgery CSRF vulnerability in Symphony CMS before 2.3.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the sort parameter to system/authors/, related to CVE-2013-2559...

CVE-2019-12355

An issue was discovered in zzcms 2019. There is a SQL injection Vulnerability in /user/dlsprint.php when the attacker has dlsprint authority via the id parameter...

CVE-2025-1116

A vulnerability, which was classified as critical, has been found in Dreamvention Live AJAX Search Free up to 1.0.6 on OpenCart. Affected by this issue is the function searchresults/search of the file /?route=extension/livesearch/module/livesearch.searchresults. The manipulation of the argument...

CVE-2024-2069

A vulnerability classified as critical has been found in SourceCodester FAQ Management System 1.0. Affected is an unknown function of the file /endpoint/delete-faq.php. The manipulation of the argument faq leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2024-2061

A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. This vulnerability affects unknown code of the file /admin/editsupplier.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has be...

CVE-2024-2871

The Media Library Assistant plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcodes in all versions up to, and including, 3.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

CVE-2024-2387

The Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms plugin for WordPress is vulnerable to SQL Injection via the ‘integrationid’ parameter in all versions up to, and including, 1.82.0 due to insufficient escaping on the user supplied paramete...

EUVD-2017-14449

Malware in sbrugna...

EUVD-2020-24017

Malware in sbrugna...

EUVD-2017-11134

Malware in sbrugna...

EUVD-2014-1218

Malware in sbrugna...