EUVD-2024-55331

Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through unfiltered user input parameters. Attackers can exploit vulnerable endpoints like getAllParks.php and events-ajax.php by injecting crafted SQL payloads to potentially...

CVE-2025-66313

ChurchCRM is an open-source church management system. In ChurchCRM 6.2.0 and earlier, there is a time-based blind SQL injection in the handling of the 1FieldSec parameter. Injecting SLEEP causes deterministic server-side delays, proving the value is incorporated into a SQL query without proper...

CVE-2025-67516

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through = 1.6.2...

CVE-2025-67518

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Blind SQL Injection.This issue affects Accordion Slider PRO: from n/a through = 1.2...

EUVD-2025-202127

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through = 2.22.9.2...

EUVD-2025-202126

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Blind SQL Injection.This issue affects Accordion Slider PRO: from n/a through = 1.2...

CVE-2025-67517

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through = 2.22.9.2...

CVE-2025-67516

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through = 1.6.2...

CVE-2025-67518

The CVE-2025-67518 entry describes an SQL Injection vulnerability in the WordPress Accordion Slider PRO plugin. Affected: Accordion Slider PRO versions up to and including 1.2 (no explicit fixed version provided in the sources). Nature: Improper neutralization of SQL commands enables Blind SQL In...

CVE-2025-67517 WordPress ArtPlacer Widget plugin <= 2.22.9.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through = 2.22.9.2...

CVE-2025-67516 WordPress Store Locator WordPress plugin <= 1.6.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through = 1.6.2...

CVE-2025-67518 WordPress Accordion Slider PRO plugin <= 1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Blind SQL Injection.This issue affects Accordion Slider PRO: from n/a through = 1.2...

CVE-2025-67517 WordPress ArtPlacer Widget plugin <= 2.22.9.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through = 2.22.9.2...

WordPress plugin Store Locator WordPress SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Store...

time-based-blind-sqli-exploit

Time-Based Blind SQL Injection Exploit Este repositório conté...

CVE-2025-12465

A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of input provided by a high-privileged user into aFilesDelete allows for Blind SQL Injection attacks. The vendor was notified early about this vulnerability, but didn't respond with the details of...

CVE-2025-51683

A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...

CVE-2025-12465

A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of input provided by a high-privileged user into aFilesDelete allows for Blind SQL Injection attacks. The vendor was notified early about this vulnerability, but didn't respond with the details of...

CVE-2025-12465 Blind SQL Injection in QuickCMS

A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of input provided by a high-privileged user into aFilesDelete allows for Blind SQL Injection attacks. The vendor was notified early about this vulnerability, but didn't respond with the details of...

EUVD-2025-200223

A Blind SQL injection vulnerability has been identified in QuickCMS. Improper neutralization of input provided by a high-privileged user into aFilesDelete allows for Blind SQL Injection attacks. The vendor was notified early about this vulnerability, but didn't respond with the details of...