23 matches found
EUVD-2025-201924
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP4. Affected applications do not properly validate license restrictions against the database, allowing direct modification of the systemticketinfo table to bypass license limitations without proper enforcement...
EUVD-2018-13475
Malware in sbrugna...
EUVD-2023-52756
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-24272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongo...
CVE-2018-20937
cPanel before 68.0.27 does not validate database and dbuser names during renames SEC-321...
CVE-2023-48685 Railway Reservation System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'psd' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database...
SQL Injection
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-45116 Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-46800 Online Matrimonial Project v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the viewprofile.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-44480 Leave Management System Project v1.0 - Multiple Authenticated SQL Injections (SQLi)
Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setcasualleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-44164
The 'Email' parameter of the processlogin.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-44167
This CVE ID is rejected/not used and does not represent an active vulnerability entry.
CVE-2023-44164 Online Movie Ticket Booking System v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
The 'Email' parameter of the processlogin.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2022-41968 Nextcloud Server's calendar name length not validated before writing to database
Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 contain patches for...
CVE-2022-24272
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6...
CVE-2022-24272
MongoDB Server (mongod) vulnerability CVE-2022-24272: An authenticated user can trigger an invariant assertion during command dispatch due to improper validation of the $external database, potentially causing denial of service or server crash. Affected: MongoDB Server v5.0.x up to and including v...
SolarWinds Network Performance Monitor SQL Injection Vulnerability
A SQL injection vulnerability exists in SolarWinds Network Performance Monitor that stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands...
Design/Logic Flaw
cPanel before 68.0.27 does not validate database and dbuser names during renames SEC-321...
CVE-2018-20937
CVE-2018-20937 affects cPanel before 68.0.27, where database and dbuser names are not validated during rename operations (SEC-321). Multiple connected records (RH, CNVD, NVD, CVE lists) corroborate the same description. The vulnerability stems from insufficient validation in the rename process, p...
WordPress 3.1.3 - SQL Injection
SEC Consult Vulnerability Lab Security Advisory. title: Multiple SQL Injection Vulnerabilities; product: WordPress; vulnerable version: 3.1.3/3.2-RC1 and probably earlier versions; fixed version:...