718 matches found
YAFNET SQL注入漏洞
YAFNET is an ASP.NET open-source forum solution developed by YAFNET’s individual developers. Versions of YAFNET prior to 4.0.5 contained a SQL injection vulnerability. This vulnerability stems from the OnPost handler redirection of responses after executing side effects, which could allow...
HPE Aruba Networking Wireless Operating System 安全漏洞
HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There is a security vulnerability in the HPE Aruba Networking Wireless Operating System. This vulnerability stems from the lack of cleaning of parameters passed to the...
CVE-2026-44349
Daptin CVE-2026-44349: The fuzzy search path on /api/ accepts a user-supplied column list and interpolates it into raw SQL without a column whitelist, enabling an authenticated user to read the entire database on vulnerable versions. Affected component: processFuzzySearch in server/resource/resou...
Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade
Title Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade Description Vikunja's link share authentication constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner deletes a link share or...
CVE-2019-25698
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the idtodelete parameter. Attackers can send crafted requests with malicious SQL statements in the idtodelete field to extract or modify sensitive database...
CVE-2019-25704
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...
CVE-2019-25684
OpenDocMan 1.3.4 is vulnerable to an SQL injection via the where parameter in the search.php endpoint. The issue arises from unsafely constructed SQL queries that allow unauthenticated attackers to manipulate database queries and potentially extract sensitive information. Documented impact includ...
CVE-2019-25662
ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watchedsearches.php endpoint with crafted SQL payloads to extract...
KADOS SQL注入漏洞
KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...
KADOS SQL注入漏洞
KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...
KADOS SQL注入漏洞
KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this flaw allows attackers to manipulate database queries...
KADOS SQL注入漏洞
KADOS is a note-taking tool developed by fouvolant’s individual developer. KADOS has a SQL injection vulnerability; this vulnerability allows unverified attackers to manipulate database queries...
Focalboard doesn't sanitize category IDs before incorporating them into dynamic SQL statements
UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...
EUVD-2026-18336
OpenSTAManager: SQL Injection via Aggiornamenti Module...
emlog 跨站请求伪造漏洞
Emlog is an open-source CMS website building system based on PHP and MySQL. Versions of Emlog prior to 2.6.8 had a cross-site request forgery vulnerability. This vulnerability stemmed from the backend upgrade interface not verifying the CSRF token, which could lead to arbitrary SQL executions and...
CVE-2026-34747
Payload is a free and open source headless content management system. Prior to version 3.79.1, certain request inputs were not properly validated. An attacker could craft requests that influence SQL query execution, potentially exposing or modifying data in collections. This issue has been patche...
PT-2026-29744
Name of the Vulnerable Software and Affected Versions OpenSTAManager versions prior to 2.10.2 Description The OpenSTAManager software contains a flaw in the Aggiornamenti Updates module. This module includes a database conflict resolution feature that accepts a JSON array of SQL statements via PO...
PT-2026-29595
Name of the Vulnerable Software and Affected Versions Payload versions prior to 3.79.1 Description Payload, a headless content management system, had insufficient input validation in certain requests. This allowed attackers to manipulate SQL query execution, potentially leading to data exposure o...
CVE-2026-33681
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...
CVE-2019-25581
CVE-2019-25581 affects i-doit CMDB 1.12 and is an SQL injection vulnerability in the objGroupID parameter. An unauthenticated attacker can send crafted GET requests to inject SQL, potentially exfiltrating sensitive database information such as usernames, database names, and version details. The v...