Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 2026R1.0.1, which stems from improper filtering of...

CVE-2025-68914

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For example, an attacker can delete the LOGINFAILEDTABLE table...

CVE-2025-12933

A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...

EUVD-2025-25197

Malicious code in bioql PyPI...

PT-2025-38693

Name of the Vulnerable Software and Affected Versions Campcodes Grocery Sales and Inventory System version 1.0 Description A flaw exists in Campcodes Grocery Sales and Inventory System 1.0. The vulnerability is due to SQL injection within unknown code in the file /ajax.php?action=delete user...

PT-2025-34139 · Portabilis · Portabilis I-Diario

Name of the Vulnerable Software and Affected Versions: Portabilis i-Diario versions prior to 2.10 Description: A vulnerability exists in Portabilis i-Diario up to version 2.10. The issue affects an unknown function within the /intranet/educar tipo usuario lst.php file of the Tipos de usàrio Page...

Mavi Yeşil Software Guest Tracking Software SQL注入漏洞

Mavi Yeşil Software Guest Tracking Software is a software for tracking visitor information from Mavi Yeşil Software, Turkey. Mavi Yeşil Software Guest Tracking Software suffers from a SQL injection vulnerability that stems from improper neutralization of special elements in SQL commands, which...

PT-2024-19049 · Zoho · Zoho Manageengine Exchange Reporter Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Exchange Reporter Plus versions 5714 and below Description: The issue is related to an Authenticated SQL injection in the report exporting feature. Recommendations: For Zoho ManageEngine Exchange Reporter Plus versions 5714...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts and product image scaling. A security vulnerability exists in PrestaShop due to an SQL injection vulnerability in the...

CSCMS Music Portal System SQL注入漏洞

CSCMS Music Portal System is a diversified content management system from China Sunshine Network Technology CSCMS, Inc. A SQL injection vulnerability exists in CSCMS Music Portal System, which originates from the missing validation of the id parameter at /admin.php/pic/admin/pic/del for external...

CVE-2021-23276

Eaton Intelligent Power Manager IPM prior to 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow attackers to add users in the data base...