
96 matches found

RedhatCVE
added 2026/01/09 11:26 a.m., 2 views

CVE-2021-28419

The "ordercol" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases...

CVSS 7.2, AI score 7.3, EPSS 0.01005
Exploits 4, References 1

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-15098

Malware in sbrugna...

CVSS 7.2, AI score 6.8, EPSS 0.01005
Exploits 4, References 4

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2007-2225

Malware in sbrugna...

CVSS 6.5, AI score 6.4, EPSS 0.01621
Exploits 1, References 13

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2021-32032

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.4, EPSS 0.00264
Exploits 1, References 1

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-32129

Malicious code in bioql PyPI...

CVSS 9.8, AI score 6.6, EPSS 0.00038
Exploits 0, References 2

Cvelist
added 2025/08/01 12:29 p.m., 7 views

CVE-2025-41373 SQL injection vulnerability in Gandia Integra Total

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

CVSS 8.7, EPSS 0.00133
Exploits 2, References 1

RedhatCVE
added 2025/05/22 5:36 p.m., 4 views

CVE-2020-36003

The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases...

CVSS 7.5, AI score 7.5, EPSS 0.00323
Exploits 1

RedhatCVE
added 2025/05/22 3:21 p.m., 3 views

CVE-2020-25362

The id parameter in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases...

CVSS 7.5, AI score 8.1, EPSS 0.01298
Exploits 1

Packet Storm
added 2024/08/31 12:0 a.m., 190 views

BillQuick Web Suite txtID SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BillQuick Web Suite txtID SQLi', 'Description' = %q This module exploits a SQL injection vulnerability in BillQUick Web Suite prior to version...

CVSS 9.8, AI score 7, EPSS 0.94099
Exploits 3

CVE
added 2024/08/29 9:20 a.m., 48 views

CVE-2024-29731

CVE-2024-29731 corresponds to a SQL injection vulnerability in SportsNET 4.0.1. The issue affects the vulnerable API endpoint /app/ax/checkBlindFields/ and can be exploited via crafted input in the parameters idChallenge and idEmpresa to retrieve, update, or delete all database information. Multi...

CVSS 9.8, AI score 9.9, EPSS 0.00188
Exploits 0, References 1, Affected Software 1

Cvelist
added 2024/08/29 9:20 a.m., 17 views

CVE-2024-29731 Multiple vulnerabilities in SportsNET

SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially crafted SQL query: https://XXXXXXX.saludydesafio.com/app/ax/checkBlindFields/ , parameters...

CVSS 9.8, EPSS 0.00188
Exploits 0, References 1

NVD
added 2024/08/26 9:15 a.m., 7 views

CVE-2024-8161

SQL injection vulnerability in ATISolutions CIGES affecting versions lower than 2.15.5. This vulnerability allows a remote attacker to send a specially crafted SQL query to the /modules/ajaxServiciosCentro.php point in the idCentro parameter and retrieve all the information stored in the database...

CVSS 9.8, EPSS 0.0054
Exploits 0, References 1

CVE
added 2024/08/26 8:46 a.m., 40 views

CVE-2024-8161

CVE-2024-8161 affects ATISolutions CIGES versions before 2.15.5. A SQL injection flaw in the /modules/ajaxServiciosCentro.php endpoint (parameter: idCentro) lets remote attackers retrieve all database information. Impact is high (CVE details show total data exposure possible). Remediation: upgrad...

CVSS 9.8, AI score 9.5, EPSS 0.0054
Exploits 0, References 1

Vulnrichment
added 2024/08/26 8:46 a.m., 8 views

CVE-2024-8161 SQL injection vulnerability in CIGESv2 system

SQL injection vulnerability in ATISolutions CIGES affecting versions lower than 2.15.5. This vulnerability allows a remote attacker to send a specially crafted SQL query to the /modules/ajaxServiciosCentro.php point in the idCentro parameter and retrieve all the information stored in the database...

CVSS 9.8, AI score 7.4, EPSS 0.0054
Exploits 0, References 1

Cvelist
added 2024/08/26 8:46 a.m., 13 views

CVE-2024-8161 SQL injection vulnerability in CIGESv2 system

SQL injection vulnerability in ATISolutions CIGES affecting versions lower than 2.15.5. This vulnerability allows a remote attacker to send a specially crafted SQL query to the /modules/ajaxServiciosCentro.php point in the idCentro parameter and retrieve all the information stored in the database...

CVSS 9.8, EPSS 0.0054
Exploits 0, References 1

NVD
added 2024/05/31 8:15 a.m., 9 views

CVE-2024-5523

SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could allow an authenticated local user to send a specially crafted SQL query to the 'searchString' parameter and retrieve all information stored in the database...

CVSS 8.8, AI score 8.6, EPSS 0.00224
Exploits 0, References 1

CVE
added 2024/05/31 7:32 a.m., 43 views

CVE-2024-5523

CVE-2024-5523 affects Astrotalks and describes an SQL injection flaw in the searchString parameter, exploitable by an authenticated local user. The vulnerability could allow retrieval of all information stored in the database. Details indicate the issue affects Astrotalks as of 10/03/2023; no rem...

CVSS 8.8, AI score 8.6, EPSS 0.00224
Exploits 0, References 1, Affected Software 1

OSV
added 2024/05/24 2:53 p.m., 20 views

GHSA-Q8X7-JC3H-P8XC Dolibarr vulnerable to SQL Injection

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters in...

CVSS 9.1, AI score 9.6, EPSS 0.5717
Exploits 0, References 3

Github Security Blog
added 2024/05/24 2:53 p.m., 28 views

Dolibarr vulnerable to SQL Injection

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder and sortfield in...

CVSS 9.1, AI score 7.9, EPSS 0.00106
Exploits 0, References 3, Affected Software 1

OSV
added 2024/05/24 10:15 a.m., 16 views

CVE-2024-5315

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters viewstatut in...

CVSS 9.1, AI score 9.6
Exploits 0, References 1