24 matches found
EUVD-2018-21920
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the frmpasswd parameter. Attackers can send POST requests to main.php with crafted SQL payloads to extract sensitive...
Exploit for CVE-2026-3222
WP Maps Exploit - Time-Based Blind SQL Injection CVE-2026-32...
CVE-2019-25503 PHPads 2.0 SQL Injection via click.php3 bannerID
PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. Attackers can submit crafted bannerID values using SQL comment syntax and functions like extractvalue...
EUVD-2023-23308
Malicious code in bioql PyPI...
EUVD-2023-57748
Malicious code in bioql PyPI...
EUVD-2022-1676
Malicious code in bioql PyPI...
EUVD-2024-33902
Malicious code in bioql PyPI...
EUVD-2023-34145
Malicious code in bioql PyPI...
CVE-2024-52969
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM version 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and below, version 6.5.3 and below, version 6.4.4 and below...
CVE-2023-2237
The WP Replicate Post plugin for WordPress is vulnerable to SQL Injection via the postid parameter in versions up to, and including, 4.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2023-5429
The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2021-40636
OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database...
CVE-2021-40635
OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An attacker can inject a SQL query to extract information from the database...
CVE-2025-46577
There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information...
CVE-2025-46577 ZTE GoldenDB Database product has an SQL injection vulnerability
There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information...
PT-2025-17976 · Goldendb · Goldendb
Name of the Vulnerable Software and Affected Versions: GoldenDB (affected versions not specified). Description: The issue is related to a SQL injection vulnerability in the GoldenDB database product. This allows attackers to inject commands to extract database information. Recommendations: At the...
CVE-2024-55238
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query...
CVE-2024-13473
The LTL Freight Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 5.0.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13496
The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.3.1 due to insufficient escaping on the user supplied parameter and la...