Lucene search
K

9852 matches found

CVE
CVE
added 4 hours ago6 views

CVE-2026-15190

CVE-2026-15190 affects SourceCodester Simple and Nice Shopping Cart Script 1.0. The vulnerability is a SQL injection in an unknown area of /login.php triggered by manipulating the Username parameter. Remote exploitation is possible, and publicly available exploits exist. The CVSS metrics indicate...

7.5CVSS6.9AI score
Exploits0References6
NVD
NVD
added 4 hours ago5 views

CVE-2026-56292

A SQLi vulnerability in AcyMailing component 10.11.1 for Joomla was discovered. Exploiting this flaw can lead to unauthorized database access and data leakage...

9.2CVSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 10 hours ago3 views

CVE-2026-50644

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parametersall rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed by the attacker or another...

8.6CVSS6.2AI score
Exploits0References3
Nuclei
Nuclei
added 17 hours ago19 views

WCAPF WooCommerce Ajax Product Filter - SQL Injection

WCAPF WooCommerce Ajax Product Filter = 4.2.3 contains a time-based SQL injection caused by insufficient escaping of the 'post-author' parameter, letting unauthenticated attackers extract sensitive database information remotely. id: CVE-2026-3396 info: name: WCAPF WooCommerce Ajax Product Filter ...

7.5CVSS6AI score0.01473EPSS
Exploits0References2
Nuclei
Nuclei
added 17 hours ago23 views

ChanCMS <= 3.3.0 - SQL Injection

yanyutao0402 ChanCMS = 3.3.0 contains a SQL injection caused by manipulation of the "key" argument in app/modules/api/service/Api.js Search function, letting remote attackers execute arbitrary SQL commands, exploit requires crafted request. id: CVE-2025-10210 info: name: ChanCMS = 3.3.0 - SQL...

8.8CVSS6.8AI score0.01195EPSS
Exploits0References4
Nuclei
Nuclei
added 17 hours ago36 views

Mitel MiCollab <= 9.8.0.33 - SQL Injection

A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...

9.8CVSS7.5AI score0.98067EPSS
Exploits3References2
EUVD
EUVD
added 19 hours ago5 views

EUVD-2026-42492

A security flaw has been discovered in code-projects Online Food Order System 1.0. This affects an unknown part of the file /editfooditems.php. The manipulation of the argument update results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS6.8AI score
Exploits0References7
NVD
NVD
added 19 hours ago4 views

CVE-2026-15135

A security flaw has been discovered in code-projects Online Food Order System 1.0. This affects an unknown part of the file /editfooditems.php. The manipulation of the argument update results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

7.5CVSS
Exploits0References6
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-8307 SQLi in Webbeyaz's Mediküm Web

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

9.8CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-6854

The CVE covers the WordPress plugin My Calendar – Accessible Event Manager. It is vulnerable to time-based blind SQL Injection via the mc_auth parameter in all versions up to 3.7.8, caused by insufficient escaping of user input and inadequate preparation of the SQL query. This allows unauthentica...

7.5CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-55635 DataEase: Authenticated SQL Injection in Chart Quota Filters

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, chart quota and Y-axis filters embed attacker-controlled filter values directly into generated SQL in Quota2SQLObj.getYWheres without applying the SQL literal validation and escaping used by other filter paths,...

8.7CVSS0.00266EPSS
Exploits0References2
NCSC
NCSC
added 2 days ago6 views

Vulnerabilities found in UniFi products from Ubiquiti Networks

Ubiquiti Networks has identified vulnerabilities in various UniFi products, including UniFi Connect Application, UniFi Talk Application, UniFi Access Application, UniFi OS, UniFi Network Application, and UniFi Protect Application. These vulnerabilities involve command injection, SQL injection,...

10CVSS6.2AI score0.00826EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-33734

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a SQL injection vulnerability in the Massmailer module filter functionality. An authenticated administrator can supply crafted filter values when updating a mass email message, causing...

6.9CVSS0.00218EPSS
Exploits0References1
NVD
NVD
added 3 days ago9 views

CVE-2026-14797

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulation of the argument editid can lead to sql injection. It is possible to launch the attack remotely...

6.5CVSS0.002EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-41810

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/myaccount.php?mywishlist. The manipulation of the argument deletewishlist results in sql injection. The attack can be launched remotely. The exploit has been released to t...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41806

A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manipulation of the argument remark leads to sql injection. The attack may be performed from remote. Th...

6.5CVSS5.8AI score0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago26 views

CVE-2026-14774 itsourcecode Hospital Management System paymentdischarge.php sql injection

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS0.00204EPSS
Exploits0References6
CVE
CVE
added 4 days ago13 views

CVE-2026-14773

Affects itsourcecode Hospital Management System 1.0. The vulnerability is in the /payment.php file, where manipulating the patientid parameter leads to SQL injection. It is remotely exploitable and the exploit has been made public, enabling potential attackers to weaponize it. The CVSS-based summ...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-14772 SourceCodester Class and Exam Timetabling System edit_course1.php sql injection

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /editcourse1.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 4 days ago8 views

CVE-2026-14769

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly...

7.5CVSS0.00269EPSS
Exploits0References6
Rows per page
Query Builder