13181 matches found
EUVD-2024-48286
Malicious code in bioql PyPI...
EUVD-2022-2029
Malicious code in bioql PyPI...
EUVD-2022-3317
Malicious code in bioql PyPI...
EUVD-2022-2953
Malicious code in bioql PyPI...
EUVD-2022-42772
Malicious code in bioql PyPI...
EUVD-2022-30897
Malicious code in bioql PyPI...
EUVD-2025-12715
Malicious code in bioql PyPI...
EUVD-2024-35338
Malicious code in bioql PyPI...
EUVD-2024-35111
Malicious code in bioql PyPI...
PHPGurukul Small CRM SQL Injection Vulnerability
Small CRM is a customer relationship management system. Small CRM suffers from a SQL injection vulnerability that originates from a lack of validation of externally supplied SQL statements in the email parameter of the file /forgot-password.php. An attacker can exploit this vulnerability to...
PT-2025-36460
CVE ID: CVE-2025-0003. Published: 2025-03-05T00:00:00.000Z. Severity: HIGH 8.8/10. Description: SQL injection vulnerability in the reporting module of Business Analytics Suite v4.5.0 allows authenticated users to execute arbitrary SQL commands. Root Cause: Improper neutralization of special elements i...
Sports Management System mode.php File SQL Injection Vulnerability
Sports Management System is a sports management system. The Sports Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally supplied SQL statements in the code parameter of the file /Admin/mode.php. An attacker can exploit this vulnerability...
CVE-2024-13979
A SQL injection vulnerability exists in the St. Joe ERP system "圣乔ERP系统" that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into...
CVE-2025-51968
A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions...
CVE-2024-13979
CVE-2024-13979 refers to a SQL injection in the St. Joe ERP System. The vulnerability arises from insufficient input sanitization in the login endpoint, allowing unauthenticated remote attackers to craft HTTP POST requests that manipulate backend SQL queries. Impact per sources: unauthorized data...
CVE-2024-13979 St. Joe ERP System SingleRowQueryConverter SQL Injection
A SQL injection vulnerability exists in the St. Joe ERP system "圣乔ERP系统" that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into...
CVE-2025-51506
In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/looku...
CVE-2025-54475
A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands...
CVE-2025-54475
This CVE (CVE-2025-54475) affects the JS Jobs plugin for Joomla, versions 1.3.2–1.4.4. The issue is a SQL injection that can be triggered by low-privilege users and may allow execution of arbitrary SQL commands. The vulnerability is classified with CVSS v4.0: AV:N/AC:L/PR:L/UI:N/VC:H/VI:H/SI:N/VA...
CVE-2025-8296
SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions, this can also lead to remote code execution...