Lucene search
K

8790 matches found

CVE
CVE
added 2026/06/18 12:56 p.m.17 views

CVE-2026-54222

UBB.threads is vulnerable to a Blind SQL Injection due to insufficient input sanitization. The vulnerability has been confirmed in version 7.7.5 and may affect other versions. Attack requires access to the Members in Control Panel and can extract data through time-based or boolean-based queries v...

8.6CVSS5.7AI score0.00305EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 12:56 p.m.8 views

CVE-2026-54222

UBB.threads is vulnerable to Blind SQL Injection, allowing attackers with access to the Members in Control Panel to interact with the underlying database. Due to insufficient input sanitization, an attacker can extract sensitive information, such as user credentials, by manipulating SQL queries...

8.6CVSS5.6AI score0.00305EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/18 12:56 p.m.8 views

EUVD-2026-37885

UBB.threads is vulnerable to Blind SQL Injection, allowing attackers with access to the Members in Control Panel to interact with the underlying database. Due to insufficient input sanitization, an attacker can extract sensitive information, such as user credentials, by manipulating SQL queries...

8.6CVSS5.6AI score0.00305EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37552

The JetEngine plugin for WordPress is vulnerable to SQL injection in all versions up to and including 3.8.10.1. The listingloadmore AJAX handler accepts a filteredquery parameter that is intentionally excluded from the HMAC query signature check to support front-end filter integration. However,...

7.5CVSS5.7AI score0.00322EPSS
Exploits0References7
NVD
NVD
added 2026/06/17 3:17 p.m.12 views

CVE-2026-54812

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 2:24 p.m.11 views

EUVD-2026-37727

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS5.6AI score0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 2:24 p.m.16 views

CVE-2026-54812

CVE-2026-54812 describes an SQL Injection in StylemixThemes Motors (WordPress plugin)

9.3CVSS5.6AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 2:24 p.m.34 views

CVE-2026-54812 WordPress Motors plugin <= 1.4.109 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.17 views

CVE-2026-54819

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Webilia Inc. Listdom allows Blind SQL Injection. This issue affects Listdom: from n/a through 5.4.0...

9.3CVSS0.00236EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.10 views

CVE-2026-54818

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11...

8.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.11 views

CVE-2026-54815

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cargo RD Cargo Shipping Location for WooCommerce allows Blind SQL Injection. This issue affects Cargo Shipping Location for WooCommerce: from n/a through 5.6...

9.3CVSS0.00236EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.12 views

CVE-2026-54813

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brainstorm Force SureDash allows Blind SQL Injection. This issue affects SureDash: from n/a through 1.8.0...

8.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.11 views

CVE-2026-54809

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VillaTheme GIFT4U allows Blind SQL Injection. This issue affects GIFT4U: from n/a through 1.0.10...

9.3CVSS0.00241EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.13 views

CVE-2026-54808

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4...

9.3CVSS0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 1:51 p.m.35 views

CVE-2026-54809 WordPress GIFT4U plugin <= 1.0.10 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VillaTheme GIFT4U allows Blind SQL Injection. This issue affects GIFT4U: from n/a through 1.0.10...

9.3CVSS0.00241EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:51 p.m.9 views

EUVD-2026-37714

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VillaTheme GIFT4U allows Blind SQL Injection. This issue affects GIFT4U: from n/a through 1.0.10...

9.3CVSS5.6AI score0.00241EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:51 p.m.13 views

EUVD-2026-37713

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4...

9.3CVSS5.6AI score0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:44 p.m.11 views

EUVD-2026-37711

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brainstorm Force SureDash allows Blind SQL Injection. This issue affects SureDash: from n/a through 1.8.0...

8.5CVSS5.6AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 1:40 p.m.25 views

EUVD-2026-37708

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cargo RD Cargo Shipping Location for WooCommerce allows Blind SQL Injection. This issue affects Cargo Shipping Location for WooCommerce: from n/a through 5.6...

9.3CVSS5.6AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 1:40 p.m.32 views

CVE-2026-54815 WordPress Cargo Shipping Location for WooCommerce plugin <= 5.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cargo RD Cargo Shipping Location for WooCommerce allows Blind SQL Injection. This issue affects Cargo Shipping Location for WooCommerce: from n/a through 5.6...

9.3CVSS0.00236EPSS
Exploits0References1
Rows per page
Query Builder