CVE-2021-33325

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in the database if workflow is enabled for user creation, which allows attackers with access to the...

CVE-2022-35148

maccms10 v2021.1000.1081 to v2022.1000.3031 was discovered to contain a SQL injection vulnerability via the table parameter at database/columns.html...

CVE-2020-17495

django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database...

CVE-2024-39027

SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked...

CVE-2023-29047

Imageconverter API endpoints provided methods that were not sufficiently validating and sanitizing client input, allowing to inject arbitrary SQL statements. An attacker with access to the adjacent network and potentially API credentials, could read and modify database content which is accessible...

CVE-2021-31831

Incorrect access to deleted scripts vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the...

CVE-2021-31850

A denial-of-service vulnerability in Database Security DBS prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...

CVE-2020-7339

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors...

CVE-2023-45334

Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'status' parameter of the routers/edit-orders.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2022-35942

Improper input validation on the contains LoopBack filter may allow for arbitrary SQL injection. When the extended filter property contains is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality and integrity of data...

Pervasive Vulnerability Analysis and Defense for QKD-Based Quantum Private Query

Quantum Private Query QPQ based on Quantum Key Distribution QKD is among the most practically viable quantum communication protocols, with application value second only to QKD itself. However, prevalent security vulnerabilities in the post-processing stages of most existing QKD-based QPQ protocol...

DBSec

No d...

SQLite-Injection-Lab

آزمایشگاه تزریق SQL SQL Injection Lab یک محیط آموزشی جامع ب...

Code-Projects Simple Blood Donor Management System SQL注入漏洞

Code-Projects Simple Blood Donor Management System is a Code-Projects open source simple blood donor management system. A SQL injection vulnerability exists in Code-Projects Simple Blood Donor Management System version 1.0, which stems from an incorrect manipulation of the parameter campaignname ...

CVE-2025-10437

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. Webpack Management System allows SQL Injection.This issue affects Webpack Management System: through 20251119...

Code-Projects Student Information System SQL注入漏洞

Student Information System is a student information system. Student Information System is vulnerable to a SQL injection vulnerability that originates from a lack of security filtering of the Username parameter in the /index.php file. No details of the vulnerability are available at this time...

EUVD-2017-1257

Malware in sbrugna...

EUVD-2017-10616

Malware in sbrugna...

EUVD-2010-0156

Malware in sbrugna...

EUVD-2016-6443

Malware in sbrugna...