Lucene search
K

2867 matches found

Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.9 views

PT-2025-51261

Name of the Vulnerable Software and Affected Versions Frappe ERPNext versions through 15.89.0 Description A SQL injection issue exists in Frappe ERPNext. The get outstanding reference documents function within the erpnext/accounts/doctype/payment entry/payment entry.py file is susceptible to...

9.8CVSS7.5AI score0.00325EPSS
Exploits1References8
OSV
OSV
added 2025/12/14 2:15 p.m.4 views

CVE-2025-14661

A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publ...

9.8CVSS5.8AI score0.00333EPSS
Exploits1References5
OSV
OSV
added 2025/12/14 2:15 a.m.4 views

CVE-2025-14639

A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...

9.8CVSS5.8AI score0.00333EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.3 views

Simple-PHP-Blog SQL注入漏洞

Simple-PHP-Blog is a simple blogging system by the individual developer Philip Okugbe. Simple-PHP-Blog suffers from a SQL injection vulnerability that stems from incorrect manipulation of the file /edit.php, which could lead to a SQL injection attack...

9.8CVSS6.9AI score0.00296EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/02 9:31 p.m.6 views

EUVD-2025-200294

PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /admin/password-recovery.php endpoint. Specifically, the username and mobileno parameters accepts unvalidated user input, which is then concatenated directly into a backend SQL query...

6.5CVSS7.4AI score0.00179EPSS
Exploits0References3
NVD
NVD
added 2025/12/02 7:15 p.m.5 views

CVE-2025-60736

code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...

9.8CVSS0.0041EPSS
Exploits2References1
NVD
NVD
added 2025/11/30 1:15 p.m.7 views

CVE-2025-13788

A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...

9.8CVSS0.00351EPSS
Exploits1References4
CNVD
CNVD
added 2025/11/25 12:0 a.m.4 views

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Divine Vision Han Technology Co., Ltd (CNVD-C-2025-926218)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

5.9AI score
Exploits0
CNVD
CNVD
added 2025/11/20 12:0 a.m.2 views

Web-Based Internet Laboratory Management System /subject/controller.php File SQL Injection Vulnerability

Web-Based Internet Laboratory Management System is a web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally-entered SQL statements in the file /subject/controller.php. An attacker c...

9.8CVSS8.2AI score0.00346EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/17 12:0 a.m.2 views

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Divine Vision Han Technology Co., Ltd (CNVD-C-2025-859399)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

5.9AI score
Exploits0
CNVD
CNVD
added 2025/11/12 12:0 a.m.4 views

IBM Db2 Denial of Service Vulnerability (CNVD-2025-29177)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

5.5CVSS6.5AI score0.00104EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/12 12:0 a.m.3 views

Unspecified Vulnerability in IBM Db2 (CNVD-2025-29179)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 that can be exploited by an attacker to regain access after ...

8.8CVSS6.6AI score0.00156EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/11 12:0 a.m.2 views

WordPress Plugin CoSchool LMSSQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress plugin CoSchool LMS, which stems from the...

8.5CVSS8AI score0.00302EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

SAP SQL Anywhere 信任管理问题漏洞

SAP SQL Anywhere is a SAP-specific relational database management system from SAP, Germany. A trust management issue vulnerability exists in SAP SQL Anywhere, which arises from hard-coded credentials in the code, and could lead to arbitrary code execution, impacting the confidentiality integrity...

10CVSS7.7AI score0.00671EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/07 9:31 p.m.7 views

EUVD-2025-38304

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...

6.5CVSS6.1AI score0.00281EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/07 7:4 p.m.10 views

CVE-2025-36006 IBM Db2 denial of service

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial due to the improper release of resources after use...

6.5CVSS0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/07 6:38 p.m.3 views

CVE-2025-33012 IBM Db2 improper account lockout

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date...

6.3CVSS6.3AI score0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.5 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

6.5CVSS6.3AI score0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.7 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

7.5CVSS6.3AI score0.00268EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.6 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system executes on UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 versions 12.1.0 through 12.1.3, which stems from performing an unnecessarily...

7.8CVSS6.3AI score0.00121EPSS
Exploits0References2
Rows per page
Query Builder