CVE-2026-54822

Subscriber SQL Injection in SALESmanago & Leadoo = 3.11.2 versions...

CVE-2026-57588 SQL Injection in Nessus via Malicious Scan Result File Import

A SQL injection vulnerability in Nessus allows an attacker to craft a malicious scan result file that, when imported by a privileged user, injects malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data...

CVE-2026-57587 SQL Injection in Nessus via Reverse DNS Lookup

A SQL injection vulnerability in Nessus allows a remote, unauthenticated attacker who controls reverse DNS records for a scanned host to inject malicious SQL into the scan results database, potentially enabling exfiltration of scan-result data...

CVE-2026-57588

CVE-2026-57588 is a SQL injection vulnerability in Nessus. A crafted malicious scan result file, when imported by a privileged user, injects SQL into the scan results database, potentially exfiltrating scan data. The vulnerability affects Nessus in scenarios where a scan-result file is imported b...

CVE-2026-54829

CVE-2026-54829 concerns the WordPress plugin WP Photo Album Plus (versions up to 9.1.13.005). The vulnerability is an SQL injection due to improper neutralization of input in SQL commands, described as a blind SQL injection. The CVSS 3.1 base metrics indicate NETWORK attack vector, HIGH impact on...

CVE-2026-54843

CVE-2026-54843 concerns the WordPress MDTF plugin (WordPress MDTF) with versions up to 1.3.7. The vulnerability is an unauthenticated SQL injection in MDTF

ChanCMS <= 3.3.0 - SQL Injection

yanyutao0402 ChanCMS = 3.3.0 contains a SQL injection caused by manipulation of the "key" argument in app/modules/api/service/Api.js Search function, letting remote attackers execute arbitrary SQL commands, exploit requires crafted request. id: CVE-2025-10210 info: name: ChanCMS = 3.3.0 - SQL...

WCAPF WooCommerce Ajax Product Filter - SQL Injection

WCAPF WooCommerce Ajax Product Filter = 4.2.3 contains a time-based SQL injection caused by insufficient escaping of the 'post-author' parameter, letting unauthenticated attackers extract sensitive database information remotely. id: CVE-2026-3396 info: name: WCAPF WooCommerce Ajax Product Filter ...

EUVD-2026-39167

The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staffid’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

Mitel MiCollab <= 9.8.0.33 - SQL Injection

A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...

CVE-2026-39951

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...

CVE-2026-39951

CVE-2026-39951 affects Cacti versions 1.2.30 and earlier, exposing a Stored SQL Injection through graph_name_regexp in the Reports feature. The vulnerability is fixed in version 1.2.31. Public references confirm the issue and include a fix commit and security advisory link. No exploitation detail...

CVE-2026-39893

Cacti is affected by a pre-auth SQL injection in versions up to 1.2.30 via the rfilter input concatenated into a RLIKE clause in graph_view.php. The vulnerability could be reached without authentication if graph viewing is enabled for a guest user, making it exploitable pre-auth. The issue has be...

CVE-2026-45689 Rocket.Chat: Pre-Auth NoSQL Injection in OAuth2 Token Endpoint leading to Arbitrary User ATO

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, an unauthenticated network attacker obtains a valid Rocket.Chat OAuth access token for an arbitrary user by sending a single HTTP POST with...

CVE-2026-56052

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Funnel Builder by FunnelKit allows Blind SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.15.0.5...

CVE-2026-56052 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Funnel Builder by FunnelKit allows Blind SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.15.0.5...

CVE-2026-9179

The WP Forms Connector plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/wp/v3/post/list REST endpoint in versions up to and including 1.8. This is due to insufficient escaping on the user-supplied 'order' parameter read directly from $GET'order' into...

CVE-2026-9179 WP Forms Connector <= 1.8 - Unauthenticated SQL Injection via 'order' Parameter

The WP Forms Connector plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/wp/v3/post/list REST endpoint in versions up to and including 1.8. This is due to insufficient escaping on the user-supplied 'order' parameter read directly from $GET'order' into...

CVE-2026-9179

Summary: WP Forms Connector for WordPress (versions ≤ 1.8) is susceptible to unauthenticated SQL injection via the order parameter in the /wp-json/wp/v3/post/list endpoint. The root cause is insufficient escaping of $_GET['order'], with the value concatenated into the ORDER BY clause and executed...

PT-2026-52137

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description An unauthenticated attacker can inject arbitrary SQL to compromise the confidentiality, integrity, and availability of the database. This occurs because the rfilter request parameter is retrieved via...