CVE-2026-24913

SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...

CVE-2026-24913

SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...

CVE-2026-24913

MATCHA INVOICE versions 2.6.6 and earlier are affected by an SQL Injection vulnerability. The flaw allows an authenticated user to obtain or alter data stored in the database through exploitation of unsafely handled input in the application. The description does not specify exact vulnerable compo...

EUVD-2026-20033

ASDA-Soft Stack-based Buffer Overflow Vulnerability...

WordPress plugin Broken Link Checker SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Amelia SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

PT-2026-31108

Name of the Vulnerable Software and Affected Versions Movable Type affected versions not specified Description Movable Type contains an SQL Injection vulnerability that may allow an attacker to execute an arbitrary SQL statement. Recommendations At the moment, there is no information about a newe...

PT-2026-31556

Name of the Vulnerable Software and Affected Versions Simple Laundry System version 1.0 Description A security issue exists in code-projects Simple Laundry System 1.0. Manipulation of the userid argument in the /userchecklogin.php file can lead to SQL injection. This attack can be launched...

PT-2026-31454

A weakness has been identified in code-projects Easy Blog Site up to 1.0. The impacted element is an unknown function of the file /users/contact us.php. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...

Linux Distros Unpatched Vulnerability : CVE-2026-26263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. From 11.0.0 to before 11.0.6, an unauthenticated time-based blind SQL injection exists in GLPI's Search...

WordPress plugin Advanced Contact form 7 DB 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress plugin OttoKit SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-31083

Name of the Vulnerable Software and Affected Versions MATCHA INVOICE versions 2.6.6 and earlier Description A SQL Injection vulnerability exists that may allow a logged-in user to obtain or alter information stored in the database. Recommendations Update to a newer version to address this...

PT-2026-31342

Name of the Vulnerable Software and Affected Versions Red Hat Quay affected versions not specified Description A flaw exists in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database in a format that, if manipulated, could...

PT-2026-31452

The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient validation of the $name parameter upload field key passed to the generate user file dirpath function, which uses WordPress's path join — a function...

ICZ MATCHA INVOICE SQL注入漏洞

ICZ MATCHA INVOICE is an invoice management system developed by the Japanese company ICZ. Versions of ICZ MATCHA INVOICE 2.6.6 and earlier contained a SQL injection vulnerability. This vulnerability made the system susceptible to SQL injection attacks, potentially leading to the extraction or...

WordPress plugin User Feedback SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CI4MS 访问控制错误漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. Versions of CI4MS prior to 0.31.4.0 contained a access control vulnerability. This vulnerability stemmed from the reliance on volatile cache checks for routing protection, which could lead to ineffective protection when the...

WordPress plugin User Registration & Membership SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

GHSA-4FP2-3XGG-JG4W PowerJob vulnerable to SQL injection

A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-server/powerjob-server-starter/src/main/java/tech/powerjob/server/web/controller/InstanceController.java of the component detailPlus Endpoint. The manipulation of the argument...