Lucene search
K

106 matches found

Nuclei
Nuclei
added yesterday87 views

NocoBase - SQL Injection

NocoBase versions prior to 2.0.39 contain a SQL injection vulnerability in the @nocobase/database package. The queryParentSQL function in eager-loading-tree.ts constructs a recursive CTE query by directly concatenating user-controlled primary key values into the SQL WHERE IN clause without...

8.8CVSS6.2AI score0.01875EPSS
Exploits1References2
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-54698 Hasura: Row-level authorization bypass on table computed fields

Hasura is an open-source product that provides users GraphQL or REST APIs. Prior to 2.49.2 and 2.45.5, a user can use a where clause on a table computed field returning SETOF sometable to infer row values that ought to be filtered for their role based on sometable's row-level permissions. While...

6CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-54698

Hasura CVE-2026-54698 describes a row-level authorization bypass on table computed fields. Before versions 2.49.2 and 2.45.5, a user could use a where clause on a table computed field (returning SETOF some_table) to infer rows that should be filtered for their role according to some_table’s row-l...

6CVSS5.9AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-54698

Hasura is an open-source product that provides users GraphQL or REST APIs. Prior to 2.49.2 and 2.45.5, a user can use a where clause on a table computed field returning SETOF sometable to infer row values that ought to be filtered for their role based on sometable's row-level permissions. While...

6CVSS5.9AI score0.0017EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-56262

Name of the Vulnerable Software and Affected Versions Hasura versions prior to 2.49.2 Hasura versions prior to 2.45.5 Description A flaw exists where a user can employ a where clause on a table computed field that returns SETOF some table to infer row values. This occurs even when those rows shou...

6CVSS6.1AI score0.0017EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 11:20 a.m.6 views

EUVD-2026-40295

DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers. The default SQL builder, a SQL::Abstract subclass, sets bindtype in its constructor but never quotechar, so SQL::Abstract emits identifiers verbatim. Caller-supplied identifiers orderby, where-claus...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53847

Name of the Vulnerable Software and Affected Versions DBIx::QuickORM versions prior to 0.000026 Description An issue exists where SQL identifiers are emitted verbatim into generated queries without proper quoting or escaping. This occurs because the default SQL builder, a SQL::Abstract subclass,...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.5 views

PT-2026-53269

Name of the Vulnerable Software and Affected Versions FrontAccounting versions prior to 2.4.20 Description An issue exists in the Bank Statement report handler that allows authenticated attackers to extract arbitrary database data. By injecting UNION SELECT payloads into the PARAM 0 POST paramete...

7.1CVSS6AI score0.00148EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42517

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tick id POST parameter is concatenated into the WHERE clause of SELECT statements in the incidents summary report without sanitization. Authenticated attackers can craft requests that alter query...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.11 views

PT-2026-42518

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tick id and f tick id POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests...

7.1CVSS5.9AI score0.00218EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

WordPress plugin SureCart SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.3CVSS5.9AI score0.00338EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/04/27 12:0 a.m.165 views

📄 Sequelize 6.37.7 SQL Injection

A remote SQL injection vulnerability exists Sequelize versions 6.37.7 and below in the JSON/JSONB where clause processing. When Sequelize parses a JSON path key containing ::, the value after :: is treated as a SQL cast type and is inserted into the generated SQL without proper validation. If an...

7.5CVSS5.8AI score0.00422EPSS
Exploits2
Snyk
Snyk
added 2026/04/18 1:7 a.m.7 views

SQL Injection

Overview dagster-snowflake is a Package for Snowflake Dagster framework components. Affected versions of this package are vulnerable to SQL Injection via the construction of SQL WHERE clauses in database I/O manager integrations. An attacker can execute arbitrary SQL commands by creating speciall...

8.7CVSS6.1AI score0.00265EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.12 views

PT-2026-30492

OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'where' parameter. Attackers can send GET requests to search.php with malicious SQL payloads in the 'where' parameter to extract sensitiv...

8.8CVSS6AI score0.00327EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/02 5:59 p.m.4 views

EUVD-2026-18470

OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3...

9.9CVSS5.8AI score0.0027EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:59 p.m.3 views

CVE-2026-34717

OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3...

9.9CVSS5.8AI score0.0027EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29864

OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3...

9.9CVSS5.8AI score0.0027EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.11 views

OpenProject SQL注入漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.2.3 had a SQL injection vulnerability. This vulnerability stemmed from the use of the = operator, which directly embedded user input into the SQL WHERE clause, potentially allowing SQL injecti...

9.9CVSS5.9AI score0.0027EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/31 9:0 p.m.4 views

CVE-2026-34400

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API q= was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version...

6.9CVSS5.8AI score0.00505EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32098

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.9 and 8.6.35, an attacker can exploit LiveQuery subscriptions to infer the values of protected fields without directly receiving them. By subscribing with a WHERE clause th...

7.5CVSS5.8AI score0.00288EPSS
Exploits0References1
Rows per page
Query Builder