13181 matches found

RedhatCVE
added 2026/03/26 2:59 p.m. | 3 views

CVE-2026-31896

WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, a critical SQL injection vulnerability exists in the WeGIA application. The removerprodutoocultar.php script uses extract($_REQUEST) to populate local variables and then directly concatenates these variables into a SQL query...

CVSS 9.8 | AI score 6.2 | EPSS 0.00351
Exploits: 1 | References: 1
Vulnrichment
added 2026/03/26 11:39 a.m. | 3 views

CVE-2018-25207 Online Quiz Maker 1.0 SQL Injection via catid Parameter

Online Quiz Maker 1.0 contains SQL injection vulnerabilities in the catid and usern parameters that allow authenticated attackers to execute arbitrary SQL commands. Attackers can submit malicious POST requests to quiz-system.php or add-category.php with crafted SQL payloads in POST parameters to...

CVSS 7.1 | AI score 6.2 | EPSS 0.0027
Exploits: 0 | References: 4
CNNVD
added 2026/03/21 12:00 a.m. | 4 views

Kepler Wallpaper Script SQL Injection Vulnerability

Kepler Wallpaper Script is a desktop wallpaper generation script developed by Kepler Wallpaper Inc. Version 1.1 of Kepler Wallpaper Script contains an SQL injection vulnerability. This vulnerability stems from the category parameter, which allows for SQL injections, potentially enabling...

CVSS 8.8 | AI score 6.1 | EPSS 0.00338
Exploits: 1 | References: 4
CNNVD
added 2026/03/21 12:00 a.m. | 3 views

phpTransformer Path Traversal Vulnerability

phpTransformer is a content management system developed by the Lebanese company phpTransformer. Version 2016.9 of phpTransformer has a path traversal vulnerability. This vulnerability stems from an SQL injection vulnerability in the idnews parameter, which could allow remote attackers to...

CVSS 8.8 | AI score 6.1 | EPSS 0.00377
Exploits: 1 | References: 4
OSV
added 2026/03/20 10:31 a.m. | 3 views

CVE-2026-33133 WeGIA has an arbitrary SQL execution vulnerability via crafted backup archive

WeGIA is a web manager for charitable institutions. In versions 3.6.5 and 3.6.6, the loadBackupDB function imports SQL files from uploaded backup archives without any content validation. An attacker can craft a backup archive containing arbitrary SQL statements that create rogue administrator...

CVSS 8.6 | AI score 6.1 | EPSS 0.00401
Exploits: 1 | References: 5
CVE
added 2026/03/20 2:14 a.m. | 8 views

CVE-2026-32888

CVE-2026-32888 affects Open Source Point of Sale (PHP, CodeIgniter). A SQL Injection exists in the Items search functionality when the custom attribute search feature (search_custom) is enabled: user input from the search GET parameter is interpolated directly into a HAVING clause without paramet...

CVSS 8.8 | AI score 6.2 | EPSS 0.00316
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2026/03/20 1:15 a.m. | 3 views

CVE-2026-32767

SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...

CVSS 9.8 | EPSS 0.00541
Exploits: 1 | References: 4
Cvelist
added 2026/03/20 12:13 a.m. | 21 views

CVE-2026-32767 SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API

SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...

CVSS 9.8 | EPSS 0.00541
Exploits: 1 | References: 4
ATTACKERKB
added 2026/03/20 12:13 a.m. | 2 views

CVE-2026-32767

SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...

CVSS 9.8 | AI score 6.1 | EPSS 0.00541
Exploits: 1 | References: 5 | Affected Software: 1
OSV
added 2026/03/20 12:13 a.m. | 3 views

CVE-2026-32767 SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API

SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...

CVSS 9.8 | AI score 6.5 | EPSS 0.00541
Exploits: 1 | References: 6
EUVD
added 2026/03/18 9:32 p.m. | 4 views

EUVD-2025-208846

Microsoft Dynamics 365 Customer Engagement on-premises 1612 9.0.2.3034 allows the generation of customized reports via raw SQL queries in an upload of a .rdl Report Definition Language file; this is then processed by the SQL Server Reporting Service. An account with the privilege Add Reporting...

AI score 6.1 | EPSS 0.00464
Exploits: 0 | References: 3
NVD
added 2026/03/18 7:16 p.m. | 2 views

CVE-2025-58112

Microsoft Dynamics 365 Customer Engagement on-premises 1612 9.0.2.3034 allows the generation of customized reports via raw SQL queries in an upload of a .rdl Report Definition Language file; this is then processed by the SQL Server Reporting Service. An account with the privilege Add Reporting...

CVSS 8.8 | EPSS 0.00464
Exploits: 0 | References: 2
EUVD
added 2026/03/18 9:30 a.m. | 5 views

EUVD-2026-12797

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization...

CVSS 8.8 | AI score 6.1 | EPSS 0.00522
Exploits: 1 | References: 2
NVD
added 2026/03/18 8:16 a.m. | 3 views

CVE-2026-22730

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization...

CVSS 8.8 | EPSS 0.00522
Exploits: 1 | References: 1
Cvelist
added 2026/03/18 7:36 a.m. | 30 views

CVE-2026-22730: SQL Injection in Spring AI MariaDBFilterExpressionConverter

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization...

CVSS 8.8 | EPSS 0.00522
Exploits: 1 | References: 1
ATTACKERKB
added 2026/03/18 12:00 a.m. | 3 views

CVE-2025-58112

Microsoft Dynamics 365 Customer Engagement on-premises 1612 9.0.2.3034 allows the generation of customized reports via raw SQL queries in an upload of a .rdl Report Definition Language file; this is then processed by the SQL Server Reporting Service. An account with the privilege Add Reporting...

AI score 6.1 | EPSS 0.00464
Exploits: 0 | References: 3
Vulnrichment
added 2026/03/18 12:00 a.m. | 3 views

CVE-2025-58112

Microsoft Dynamics 365 Customer Engagement on-premises 1612 9.0.2.3034 allows the generation of customized reports via raw SQL queries in an upload of a .rdl Report Definition Language file; this is then processed by the SQL Server Reporting Service. An account with the privilege Add Reporting...

AI score 6.1 | EPSS 0.00464
Exploits: 0 | References: 2
Positive Technologies
added 2026/03/17 12:00 a.m. | 7 views

PT-2026-25940

Name of the Vulnerable Software and Affected Versions: Spring AI versions prior to 1.0.4; Spring AI versions prior to 1.1.3. Description: A critical SQL injection flaw exists in Spring AI's MariaDBFilterExpressionConverter component. This issue allows attackers to bypass metadata-based access control...

CVSS 8.8 | AI score 6.1 | EPSS 0.00522
Exploits: 1 | References: 23
NVD
added 2026/03/16 2:19 p.m. | 2 views

CVE-2026-32628

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, a SQL injection vulnerability in the built-in SQL Agent plugin allows any user who can invoke the agent to execute arbitrary SQL commands on connected...

CVSS 8.8 | EPSS 0.00299
Exploits: 1 | References: 2
Snyk
added 2026/03/16 10:48 a.m. | 4 views

SQL Injection

Overview: vanna is a package that generates SQL queries from natural language. Affected versions of this package are vulnerable to SQL Injection via the removetrainingdata function in the file bigqueryvector.py. An attacker can execute arbitrary SQL commands by supplying crafted input to the ID argument...

CVSS 7.5 | AI score 7.5 | EPSS 0.00254
Exploits: 0 | References: 2