SQL Injection

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to SQL Injection via the rottenlead parameter in the...

portswigger-sqlinjection-labs

🔐 SQL Injection Attack Lab – PortSwigger Web Security Academy...

CVE-2026-39810

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5 may allow attacker to information disclosure via decrypting database dump...

EUVD-2026-22270

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/viewdetails.php...

EUVD-2026-22266

SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfhattendance/admin/managedepartment.php...

CVE-2026-37591

Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/viewdetails.php...

KB5084815 - Description of the security update for SQL Server 2022 GDR: April 14, 2026

KB5084815 - Description of the security update for SQL Server 2022 GDR: April 14, 2026 Summary Known issue in this update Improvements and fixes included in this update How to obtain and install the update More information File information ​​​​​​​Information about protection and security Summary...

KB5084821 - Description of the security update for SQL Server 2016 SP3 GDR: April 14, 2026

KB5084821 - Description of the security update for SQL Server 2016 SP3 GDR: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary Th...

WordPress JetEngine plugin <= 3.8.6.1 - Unauthenticated SQL Injection via '_cct_search' Parameter vulnerability

Unauthenticated SQL Injection via 'cctsearch' Parameter vulnerability discovered by hoshino in WordPress Plugin JetEngine versions = 3.8.6.1...

sql-xss

No d...

CVE-2026-40315 PraisonAI: SQLiteConversationStore didn't validate table_prefix when constructing SQL queries

PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the tableprefix configuration value is directly concatenated into SQL queries via f-strings without any validation or sanitization. Since SQL identifiers...

CVE-2026-36922

Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/viewcategory.php...

CVE-2026-36923

Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/viewbooking.php...

CVE-2026-36872

Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/loadbook.php...

CVE-2026-34262

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

CVE-2026-34262 Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

CVE-2026-34262

CVE-2026-34262 concerns an information disclosure in SAP HANA Cockpit and SAP HANA Database Explorer. Connected sources indicate the issue allows leakage of X.509 private keys via Database Explorer access, enabling potential server impersonation. The PT-2026-32569 note emphasizes that patching al...

CVE-2026-34262

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

CVE-2026-34262 Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

EUVD-2026-22173

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...