Lucene search
K

4197 matches found

EUVD
EUVD
added 2026/06/16 9:4 a.m.12 views

EUVD-2026-37057

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS5.7AI score0.00229EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-50125

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpWax Directorist Booking allows Blind SQL Injection. This issue affects Directorist Booking: from n/a through 3.0.3...

8.5CVSS5.6AI score0.00205EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49206

WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send requests to the admin-ajax.php endpoint wit...

8.8CVSS6.2AI score0.00302EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/12 12:31 a.m.9 views

EUVD-2026-36359

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7...

9.3CVSS5.6AI score0.01323EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/11 10:51 p.m.8 views

CVE-2026-45060 ClipBucket: Blind SQL Injection in progress_video.php

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 129, the actions/progressvideo.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been patch...

9.8CVSS5.7AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 10:51 p.m.35 views

CVE-2026-45060

CVE-2026-45060 (ClipBucket) affects ClipBucket v5.x prior to 5.5.3. The vulnerability is a blind SQL injection in the actions/progress_video.php endpoint, exploitable by unauthenticated users via the ids parameter to exfiltrate data. The issue is confirmed as patched in version 5.5.3 (#129). If e...

9.8CVSS5.7AI score0.00364EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 10:51 p.m.11 views

EUVD-2026-36368

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 129, the actions/progressvideo.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been patch...

9.8CVSS5.7AI score0.00364EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 10:16 p.m.10 views

CVE-2026-42647

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7...

9.3CVSS0.01323EPSS
Exploits1References1
NVD
NVD
added 2026/06/11 10:16 p.m.11 views

CVE-2026-39494

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter by WBW: from n/a through 3.1.2...

9.3CVSS0.0039EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 9:5 p.m.29 views

CVE-2026-39494

The CVE-2026-39494 entry concerns WordPress Product Filter by WBW plugin

9.3CVSS5.6AI score0.0039EPSS
In wildExploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 9:4 p.m.7 views

CVE-2026-42647 WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7...

9.3CVSS5.6AI score0.01323EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2026/06/11 12:0 a.m.15 views

VulnCheck KEV: CVE-2026-39494

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter by WBW: from n/a through 3.1.2...

9.3CVSS5.5AI score0.0039EPSS
In wildExploits0References2
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.15 views

PT-2026-48791

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 129, the actions/progress video.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been...

9.8CVSS5.7AI score0.00364EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.9 views

CVE-2025-11024

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001...

9.8CVSS5.6AI score0.00358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.7 views

CVE-2025-68060

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5...

7.6CVSS5.6AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.8 views

CVE-2026-4608

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind SQL Injection via the 'rid' parameter in all versions up to, and including, 5.9.8.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...

6.5CVSS5.7AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.8 views

CVE-2026-49771

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection. This issue affects Photo Gallery by 10Web: from n/a through 1.8.41...

7.6CVSS5.6AI score0.00227EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.8 views

CVE-2026-45211

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through = 4.7.1...

8.5CVSS5.6AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-45218

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through = 11.4.0...

7.7CVSS5.6AI score0.00209EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-45214

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through = 1.5.1...

8.5CVSS5.6AI score0.00223EPSS
Exploits0References1
Rows per page
Query Builder