Push Notification for Post and BuddyPress <= 1.93 - SQL Injection

Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to SQL Injection via the 'onesignalexternalid' and 'onesignalgetsubscriptionoptionsid' paramters in all versions up to, and including, 1.93 due to insufficient escaping on the user supplied parameter and lack of sufficie...

Wordpress Email Subscribers by Icegram Express - SQL Injection

The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IGESSubscribersQuery' class in all versions up to, and including, 5.7.14 due to insufficient escaping ...

Database-Exploitation-Manual

🛡️ SecDB Auditor - Database Security Compiling Suite & Manual...

Astra Linux - уязвимость в pgpool2

In Pgpool-II, there is a risk of exposing sensitive information due to incompatible policy issues. If a database user accesses the query cache, unauthorized table data may be retrieved for that user...

CVE-2026-44221

ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an...

CVE-2026-44221 ArcadeDB: Cross-database authorization bypass and unsecured newly-created databases

ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an...

CVE-2026-40243 Incus OVN TLS verification accepts peer-supplied roots and permits endpoint impersonation

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

Wiz ZeroDay.Cloud Event Reveals 20-Year-Old PostgreSQL Vulnerabilities

Researchers revealed 20-year-old PostgreSQL flaws at Wiz ZeroDay.Cloud event, exposing critical bugs in pgcrypto and prompting urgent patches for database security...

PT-2026-36206

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description An authenticated user can cause a denial of service due to improper neutralization of special elements in data query logic. Recommendations At the moment...

info-security-portfolio

Information Security Portfolio A curated collection of nine e...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There are security vulnerabilities in Microsoft SQL Server. Attackers can exploit these vulnerabilities to execute code...

GHSA-59XV-588H-2VMM @saltcorn/data vulnerable to SQL Injection via jsexprToSQL Literal Handler

Summary The jsexprToSQL function in Saltcorn converts JavaScript expressions to SQL for use in database constraints. The Literal handler wraps string values in single quotes without escaping embedded single quotes, allowing SQL injection when creating Formula-type table constraints. Vulnerable...

Sequelize SQL注入漏洞

Sequelize is an open-source database ORM Object-Relational Mapping tool for Node.js. Versions of Sequelize prior to 6.37.8 had a SQL injection vulnerability. This vulnerability stemmed from type conversion that wasn’t properly escaped during the handling of JSON/JSONB WHERE clauses, which could...

postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code

A type validation flaw has been discovered in PostgreSQL. Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

Web Ofisi E-Ticaret SQL注入漏洞

Web Ofisi E-Ticaret is an e-commerce system developed by the Turkish company Web Ofisi. The Web Ofisi E-Ticaret v5 version has a SQL injection vulnerability, which stems from insufficient input validation for the q parameter. This vulnerability may lead to SQL injection attacks...

IBM Db2 安全漏洞

IBM Db2 is a relational database management system developed by IBM. The system can run on various operating systems such as UNIX, Linux, IBMi, z/OS, and Windows servers. Versions of IBM Db2 prior to 11.5.9 and 12.1.3 contain security vulnerabilities. These vulnerabilities stem from specific HADR...

SAP S/4HANA Private Cloud and On-Premise SQL注入漏洞

SAP S/4HANA Private Cloud and On-Premise is a service local deployment solution from SAP, Germany. An SQL injection vulnerability exists in SAP S/4HANA Private Cloud and On-Premise that stems from insufficient input validation and could lead to an authenticated user executing a specially crafted...

CVE-2021-33325

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in the database if workflow is enabled for user creation, which allows attackers with access to the...

CVE-2022-35148

maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html...