2867 matches found
PT-2025-51261
Name of the Vulnerable Software and Affected Versions Frappe ERPNext versions through 15.89.0 Description A SQL injection issue exists in Frappe ERPNext. The get outstanding reference documents function within the erpnext/accounts/doctype/payment entry/payment entry.py file is susceptible to...
CVE-2025-14661
A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publ...
CVE-2025-14639
A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used...
Simple-PHP-Blog SQL注入漏洞
Simple-PHP-Blog is a simple blogging system by the individual developer Philip Okugbe. Simple-PHP-Blog suffers from a SQL injection vulnerability that stems from incorrect manipulation of the file /edit.php, which could lead to a SQL injection attack...
EUVD-2025-200294
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /admin/password-recovery.php endpoint. Specifically, the username and mobileno parameters accepts unvalidated user input, which is then concatenated directly into a backend SQL query...
CVE-2025-60736
code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...
CVE-2025-13788
A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...
SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Divine Vision Han Technology Co., Ltd (CNVD-C-2025-926218)
Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...
Web-Based Internet Laboratory Management System /subject/controller.php File SQL Injection Vulnerability
Web-Based Internet Laboratory Management System is a web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally-entered SQL statements in the file /subject/controller.php. An attacker c...
SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Divine Vision Han Technology Co., Ltd (CNVD-C-2025-859399)
Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...
IBM Db2 Denial of Service Vulnerability (CNVD-2025-29177)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
Unspecified Vulnerability in IBM Db2 (CNVD-2025-29179)
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 that can be exploited by an attacker to regain access after ...
WordPress Plugin CoSchool LMSSQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress plugin CoSchool LMS, which stems from the...
SAP SQL Anywhere 信任管理问题漏洞
SAP SQL Anywhere is a SAP-specific relational database management system from SAP, Germany. A trust management issue vulnerability exists in SAP SQL Anywhere, which arises from hard-coded credentials in the code, and could lead to arbitrary code execution, impacting the confidentiality integrity...
EUVD-2025-38304
IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...
CVE-2025-36006 IBM Db2 denial of service
IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial due to the improper release of resources after use...
CVE-2025-33012 IBM Db2 improper account lockout
IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date...
IBM Db2 安全漏洞
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
IBM Db2 安全漏洞
IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...
IBM Db2 安全漏洞
IBM Db2 is a relational database management system from International Business Machines IBM. The system executes on UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 versions 12.1.0 through 12.1.3, which stems from performing an unnecessarily...