
4662 matches found

Cvelist
added 2025/09/08 10:28 p.m., 6 views

CVE-2025-58453 WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'exibe_anexo.php' parameter 'id_anexo'

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior in the endpoint /WeGIA/html/memorando/exibe_anexo.php, in the id_anexo parameter. This vulnerability allows an authorized attacker to execute arbitrary SQL queries,...

CVSS 9.3, EPSS 0.00086
Exploits: 1, References: 1
CVE
added 2025/09/08 10:28 p.m., 13 views

CVE-2025-58453

CVE-2025-58453 affects WeGIA Web Manager (versions 3.4.10 and earlier). The SQL Injection occurs in the exibe_anexo.php endpoint via the id_anexo parameter, enabling an attacker to run arbitrary SQL and access sensitive data. A patch is available in version 3.4.11. Some sources indicate a proof-o...

CVSS 9.3, AI score 7.6, EPSS 0.00086
Exploits: 1, References: 1, Affected Software: 1
RedhatCVE
added 2025/09/07 4:33 p.m., 4 views

CVE-2025-58628

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection. This issue affects Miraculous: from n/a through 2.0.9...

CVSS 9.3, AI score 5.9, EPSS 0.00059
Exploits: 0, References: 1
RedhatCVE
added 2025/09/07 2:32 p.m., 1 view

CVE-2025-58881

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus New Simple Gallery new-simple-gallery allows Blind SQL Injection. This issue affects New Simple Gallery: from n/a through <= 8.0...

CVSS 8.5, AI score 5.9, EPSS 0.00058
Exploits: 0, References: 1
RedhatCVE
added 2025/09/06 12:29 p.m., 7 views

CVE-2025-7385

Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 and above are not affected...

CVSS 9.3, AI score 8.1, EPSS 0.00256
Exploits: 0, References: 1
Cvelist
added 2025/09/05 4:17 p.m., 8 views

CVE-2025-58628 WordPress Miraculous Theme < 2.0.9 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection. This issue affects Miraculous: from n/a through 2.0.9...

CVSS 9.3, EPSS 0.00059
Exploits: 0, References: 1
Vulnrichment
added 2025/09/05 4:17 p.m., 1 view

CVE-2025-58628 WordPress Miraculous Theme < 2.0.9 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection. This issue affects Miraculous: from n/a through 2.0.9...

CVSS 9.3, AI score 5.9, EPSS 0.00059
Exploits: 0, References: 1
NVD
added 2025/09/05 2:15 p.m., 2 views

CVE-2025-58788

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal License Manager for WooCommerce license-manager-for-woocommerce allows Blind SQL Injection. This issue affects License Manager for WooCommerce: from n/a through <= 3.0.12...

CVSS 7.6, EPSS 0.00054
Exploits: 0, References: 1
Cvelist
added 2025/09/05 1:45 p.m., 8 views

CVE-2025-58881 WordPress New Simple Gallery Plugin <= 8.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus New Simple Gallery new-simple-gallery allows Blind SQL Injection. This issue affects New Simple Gallery: from n/a through <= 8.0...

CVSS 8.5, EPSS 0.00058
Exploits: 0, References: 1
Vulnrichment
added 2025/09/05 1:45 p.m., 1 view

CVE-2025-58881 WordPress New Simple Gallery Plugin <= 8.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus New Simple Gallery allows Blind SQL Injection. This issue affects New Simple Gallery: from n/a through 8.0...

CVSS 8.5, AI score 7.2, EPSS 0.00058
Exploits: 0, References: 1
CVE
added 2025/09/05 1:44 p.m., 11 views

CVE-2025-58788

CVE-2025-58788 affects the WordPress plugin License Manager for WooCommerce (vulnerable: up to 3.0.12). The issue is an SQL injection due to improper neutralization of special elements, enabling blind SQL injection. CVSS 3.1 base score 7.6 (HIGH) with potential high confidentiality impact and low...

CVSS 7.6, AI score 5.9, EPSS 0.00054
Exploits: 0, References: 1
Cvelist
added 2025/09/05 1:44 p.m., 9 views

CVE-2025-58788 WordPress License Manager for WooCommerce Plugin <= 3.0.12 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal License Manager for WooCommerce license-manager-for-woocommerce allows Blind SQL Injection. This issue affects License Manager for WooCommerce: from n/a through <= 3.0.12...

CVSS 7.6, EPSS 0.00054
Exploits: 0, References: 1
CNNVD
added 2025/09/05 12:00 a.m., 1 view

WordPress plugin New Simple Gallery SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVSS 8.5, AI score 7.7, EPSS 0.00058
Exploits: 0, References: 1
NVD
added 2025/09/04 1:15 p.m., 6 views

CVE-2025-7385

Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 and above are not affected...

CVSS 9.3, EPSS 0.00256
Exploits: 0, References: 2
CVE
added 2025/09/04 12:05 p.m., 12 views

CVE-2025-7385

CVE-2025-7385 affects GOV CMS with a vulnerability in the search query parameter handling that is not properly sanitized, enabling a Blind SQL injection. According to connected documents, the issue impacts GOV CMS versions prior to 4.0; versions 4.0 and above are not affected. The vulnerability c...

CVSS 9.3, AI score 7.4, EPSS 0.00256
Exploits: 0, References: 2
VulnCheck KEV
added 2025/09/04 12:00 a.m., 1 view

VulnCheck KEV: CVE-2025-32969

XWiki is a generic wiki platform. In versions starting from 1.8 and prior to 15.10.16, 16.4.6, and 16.10.1, it is possible for a remote unauthenticated user to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend,...

CVSS 9.8, AI score 6.3, EPSS 0.12804
In wild, Exploits: 1, References: 180
IBM Security Bulletins
added 2025/08/29 7:17 p.m., 6 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Blind SQL Injection

Summary: IBM watsonx Orchestrate Cartridge contains a vulnerable version of Blind SQL Injection. Vulnerability Details: CVEID: CVE-2025-0165. DESCRIPTION: IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data is vulnerable to SQL injection. A remote attacker could send specially crafted SQL...

CVSS 9.8, AI score 7.2, EPSS 0.00107
Exploits: 0, Affected Software: 1
RedhatCVE
added 2025/08/16 11:25 a.m., 2 views

CVE-2025-54678

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection. This issue affects Easy Form Builder: from n/a through <= 3.8.15...

CVSS 9.3, AI score 5.9, EPSS 0.00064
Exploits: 0, References: 1
CVE
added 2025/08/15 12:06 p.m., 14 views

CVE-2025-1929

CVE-2025-1929 concerns an SQL injection in Reel Sektör Hazine ve Risk Yönetimi Yazılımı (Risk Yazılım Teknolojileri Ltd. Şti.) through version 1.0.0.4. The issue is described as improper neutralization of special elements used in an SQL command, i.e., a blind SQL injection (CAPEC-7). Connected so...

CVSS 7.2, AI score 5.6, EPSS 0.00061
Exploits: 0, References: 2
ATTACKERKB
added 2025/08/15 12:06 p.m., 2 views

CVE-2025-1929

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...

CVSS 7.2, AI score 5.6, EPSS 0.00061
Exploits: 0, References: 3