13 matches found
EUVD-2010-4452
Malware in sbrugna...
EUVD-2020-27053
Malware in sbrugna...
EUVD-2022-46928
Malicious code in bioql PyPI...
EUVD-2024-26728
Malicious code in bioql PyPI...
CVE-2025-54788
CVE-2025-54788 corresponds to a SQL injection in the SuiteCRM InboundEmail module. The issue allows arbitrary backend SQL queries, impacting confidentiality, integrity, and availability by enabling data retrieval, modification, or deletion. Affected: SuiteCRM (InboundEmail module) in versions pri...
PT-2025-20844 · Siemens · Polarion
Name of the Vulnerable Software and Affected Versions: Polarion V2310, all versions; Polarion V2404, versions prior to V2404.4. Description: The application insufficiently validates user input for database read queries, which could allow an authenticated remote attacker to conduct an SQL injection...
CVE-2024-12410
The Front End Users plugin for WordPress is vulnerable to SQL Injection via the 'UserSearchField' parameter in all versions up to, and including, 3.2.32 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2024-13676
CVE-2024-13676 affects the WordPress plugin Categorized Gallery Plugin (
SportsNET SQL Injection Vulnerability (CNVD-2024-37602)
SportsNET is a sports event network application from SportsNET, Inc. SportsNET suffers from a SQL injection vulnerability that can be exploited by an attacker to retrieve, update, and delete all information in the database via a specially crafted SQL query...
PostgreSQL Security Vulnerabilities
PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL. An attacker can exploi...
Kashipara Food Management System SQL Injection Vulnerability (CNVD-2024-13472)
Kashipara Food Management System is a food management system from Kashipara. A SQL injection vulnerability exists in Kashipara Food Management System version 1.0, which stems from a lack of validation of the printid parameter of itemBillPdf.php against external SQL input, and can be exploited by ...
SQL Injection Vulnerability in Human Resource Information Management System of Beijing Hongjing Century Software Co. Ltd (CNVD-2023-08743)
Beijing Hongjing Century Software Co., Ltd. is a professional e-HR vendor in China. A SQL injection vulnerability exists in the human resources information management system of Beijing Hongjing Century Software Company Limited, which can be exploited by attackers to obtain sensitive information...
phpBB 1.4.2, Remote user is able to modify SQL query.
Hi, there is a potential security problem in the current version 1.4.2 and previous versions of phpBB http://www.phpbb.com. A remote user is able to modify a string passed as a SQL query to the MySQL database. The problem exists in the file bbmemberlist.php. A string called $sortby is supplied...