1636 matches found

Nuclei
added yesterday | 16 views

Push Notification for Post and BuddyPress <= 1.93 - SQL Injection

Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to SQL Injection via the 'onesignalexternalid' and 'onesignalgetsubscriptionoptionsid' parameters in all versions up to, and including, 1.93 due to insufficient escaping on the user supplied parameter and lack of sufficie...

CVSS 9.8 | AI score 5.8 | EPSS 0.03986
Exploits: 1 | References: 2

Nuclei
added 3 days ago | 214 views

Wordpress Email Subscribers by Icegram Express - SQL Injection

The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IGESSubscribersQuery' class in all versions up to, and including, 5.7.14 due to insufficient escaping ...

CVSS 9.8 | AI score 8.9 | EPSS 0.90916
Exploits: 4 | References: 2

GithubExploit
added 2026/05/24 1:16 a.m. | 56 views

Database-Exploitation-Manual

🛡️ SecDB Auditor - Database Security Compiling Suite & Manual...

AI score 5.9
Exploits: 0

Vulnrichment
added 2026/05/06 8:38 p.m. | 7 views

CVE-2026-40243 Incus OVN TLS verification accepts peer-supplied roots and permits endpoint impersonation

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

CVSS 2.3 | AI score 5.8 | EPSS 0.00014
Exploits: 1 | References: 5

HackRead
added 2026/05/04 3:8 p.m. | 4 views

Wiz ZeroDay.Cloud Event Reveals 20-Year-Old PostgreSQL Vulnerabilities

Researchers revealed 20-year-old PostgreSQL flaws at Wiz ZeroDay.Cloud event, exposing critical bugs in pgcrypto and prompting urgent patches for database security...

AI score 5.8
Exploits: 0

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux – Vulnerability in pgpool2

In Pgpool-II, there is a risk of exposing sensitive information due to incompatible policy issues. If a database user accesses the query cache, unauthorized table data may be retrieved for that user...

CVSS 7.5 | AI score 6.7 | EPSS 0.00202
Exploits: 0 | References: 2

GithubExploit
added 2026/04/26 11:27 p.m. | 97 views

info-security-portfolio

Information Security Portfolio A curated collection of nine e...

CVSS 10 | AI score 7.6 | EPSS 0.94358
Exploits: 343

CNNVD
added 2026/04/14 12:0 a.m. | 3 views

Microsoft SQL Server Security Vulnerability

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There are security vulnerabilities in Microsoft SQL Server. Attackers can exploit these vulnerabilities to execute code...

CVSS 8.8 | AI score 5.9 | EPSS 0.00089
Exploits: 0 | References: 1

CNNVD
added 2026/03/10 12:0 a.m. | 3 views

Sequelize SQL Injection Vulnerability

Sequelize is an open-source database ORM (Object-Relational Mapping) tool for Node.js. Versions of Sequelize prior to 6.37.8 had a SQL injection vulnerability. This vulnerability stemmed from type conversion that wasn’t properly escaped during the handling of JSON/JSONB WHERE clauses, which could...

CVSS 7.5 | AI score 5.8 | EPSS 0.0002
Exploits: 2 | References: 2

RedHat Linux
added 2026/03/09 1:49 p.m. | 1 view

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

CVSS 8.8 | AI score 6.3 | EPSS 0.00046
Exploits: 0 | References: 5

RedHat Linux
added 2026/03/09 1:49 p.m. | 1 view

postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code

A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...

CVSS 8.8 | AI score 6.1 | EPSS 0.0007
Exploits: 0 | References: 5

CNNVD
added 2026/02/22 12:0 a.m. | 5 views

Web Ofisi E-Ticaret SQL Injection Vulnerability

Web Ofisi E-Ticaret is an e-commerce system developed by the Turkish company Web Ofisi. Web Ofisi E-Ticaret v5 has a SQL injection vulnerability, which stems from insufficient input validation for the q parameter. This vulnerability may lead to SQL injection attacks...

CVSS 8.8 | AI score 5.8 | EPSS 0.00106
Exploits: 1 | References: 4

CNNVD
added 2026/02/17 12:0 a.m. | 8 views

IBM Db2 Security Vulnerability

IBM Db2 is a relational database management system developed by IBM. The system can run on various operating systems such as UNIX, Linux, IBMi, z/OS, and Windows servers. Versions of IBM Db2 prior to 11.5.9 and 12.1.3 contain security vulnerabilities. These vulnerabilities stem from specific HADR...

CVSS 6.5 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 2

CNNVD
added 2026/01/13 12:0 a.m. | 3 views

SAP S/4HANA Private Cloud and On-Premise SQL Injection Vulnerability

SAP S/4HANA Private Cloud and On-Premise is a service local deployment solution from SAP, Germany. An SQL injection vulnerability exists in SAP S/4HANA Private Cloud and On-Premise that stems from insufficient input validation and could lead to an authenticated user executing a specially crafted...

CVSS 9.9 | AI score 6.1 | EPSS 0.00046
Exploits: 0 | References: 2

RedhatCVE
added 2026/01/09 11:28 a.m. | 8 views

CVE-2021-33325

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in the database if workflow is enabled for user creation, which allows attackers with access to the...

CVSS 4.9 | AI score 6.5 | EPSS 0.00123
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 10:41 a.m. | 3 views

CVE-2022-35148

maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html...

CVSS 6.5 | AI score 8.3 | EPSS 0.00223
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:48 a.m. | 5 views

CVE-2020-17495

django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database...

CVSS 7.5 | AI score 6.4 | EPSS 0.00148
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:33 a.m. | 7 views

CVE-2024-39027

SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked...

CVSS 7.5 | AI score 7.5 | EPSS 0.00107
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:30 a.m. | 7 views

CVE-2023-29047

Imageconverter API endpoints provided methods that were not sufficiently validating and sanitizing client input, allowing to inject arbitrary SQL statements. An attacker with access to the adjacent network and potentially API credentials, could read and modify database content which is accessible...

CVSS 7.3 | AI score 7.5 | EPSS 0.0005
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:19 a.m. | 5 views

CVE-2021-31850

A denial-of-service vulnerability in Database Security DBS prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...

CVSS 6.1 | AI score 6.6 | EPSS 0.00285
Exploits: 0 | References: 1