Lucene search
K

2866 matches found

Nuclei
Nuclei
added yesterday75 views

Complete Online Job Search System 1.0 - SQL Injection

Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=hiring&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. id:...

7.2CVSS7.2AI score0.04522EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables (CVE-2025-36372)

Summary IBM® Db2® could disclose sensitive information such as access keys to an authenticated user from the monitoring and event tables. CVE-2025-36372 Vulnerability Details CVEID:CVE-2025-36372 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows...

6.5CVSS5.8AI score0.00303EPSS
Exploits0Affected Software1
NVD
NVD
added 4 days ago5 views

CVE-2026-14619

A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 6 days ago7 views

CVE-2026-57756

Contributor SQL Injection in nicen-localize-image = 1.4.9 versions...

8.5CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 6 days ago4 views

CVE-2026-57669

Subscriber Broken Access Control in Advanced Contact form 7 DB = 2.0.9 versions...

6.5CVSS0.0034EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

RHEL 9 : mariadb:10.11 (RHSA-2026:33482)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33482 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server:...

10CVSS6.5AI score0.00998EPSS
Exploits0References14
EUVD
EUVD
added 2026/06/29 12:45 a.m.6 views

EUVD-2026-40017

A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This manipulation of the argument editid causes sql injection. The attack is possible to be carried out remotel...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/22 1:18 p.m.7 views

EUVD-2025-210299

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could allow a privileged user to perform operations and obtain sensitive information outside of their authority due to improper token validation...

6CVSS5.8AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 11:2 a.m.4 views

SUSE-SU-2026:2466-1 Security update for azure-storage-azcopy

This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: - CVE-2025-47907: database/sql: incorrect results returned from Rows.Scan bsc1247720. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...

9.6CVSS6.3AI score0.01557EPSS
Exploits1References12
EUVD
EUVD
added 2026/06/18 2:2 p.m.8 views

EUVD-2026-37895

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35...

8.5CVSS5.6AI score0.00211EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 11:59 a.m.5 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6AI score0.00668EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/17 9:51 a.m.30 views

CVE-2026-48967 WordPress Geo Mashup plugin <= 1.13.19 - SQL Injection vulnerability

Subscriber SQL Injection in Geo Mashup = 1.13.19 versions...

8.5CVSS0.00332EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.7 views

EUVD-2026-36950

Unauthenticated SQL Injection in WP Photo Album Plus = 9.1.08.001 versions...

9.3CVSS5.7AI score0.00295EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-48856

The iRM-IEI Remote Management developed by IEI Integration Corp has a Hardcoded Credentials vulnerability, allowing unauthenticated remote attackers to exploit hard-coded credentials to gain administrative privileges on the database...

9.8CVSS5.4AI score0.0035EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.9 views

CVE-2025-15655

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mojoomla School Management allows SQL Injection. This issue affects School Management: from n/a through 93.2.0...

7.6CVSS5.6AI score0.00231EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Akmer TeknoPass SQL注入漏洞

Akmer TeknoPass is an intelligent parking and access control system developed by the Turkish company Akmer. The versions from 20210501 to 20260429 of Akmer TeknoPass have a SQL injection vulnerability. This vulnerability arises from bypassing authorization through a user-controlled SQL primary ke...

9.8CVSS5.7AI score0.00302EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.15 views

PT-2026-45174

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public a...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/27 1:7 p.m.13 views

CVE-2026-6051 IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 9:49 a.m.12 views

EUVD-2026-32192

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a through = 1.0.3...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 9:16 a.m.23 views

CVE-2026-40835

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the saveObjectFromData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS0.00262EPSS
Exploits0References1
Rows per page
Query Builder