3894 matches found

Vulnrichment
added 2025/10/28 11:49 a.m. | 2 views

CVE-2025-9313 Unauthorized database access in Asseco mMedica

An unauthenticated user can connect to a publicly accessible database using arbitrary credentials. The system grants full access to the database by leveraging a previously authenticated connection through a "mmBackup" application. This flaw allows attackers to bypass authentication mechanisms and...

CVSS 9.3 | AI score 6.8 | EPSS 0.00482
Exploits: 0 | References: 2

EUVD
added 2025/10/28 12:31 a.m. | 4 views

EUVD-2025-36360

Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 34, and older unsupported versions stores password reset tokens in plain text, which allows attackers with access to the database to...

CVSS 6.9 | AI score 6.4 | EPSS 0.00207
Exploits: 0 | References: 2

OSV
added 2025/10/28 12:31 a.m. | 3 views

GHSA-XCJ6-XPJG-C4XR Liferay Portal Stores Password Reset Tokens in Plain Text

Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 34, and older unsupported versions stores password reset tokens in plain text, which allows attackers with access to the database to...

CVSS 6.9 | AI score 7 | EPSS 0.00207
Exploits: 0 | References: 5

CNNVD
added 2025/10/28 12:0 a.m. | 3 views

Asseco mMedica security vulnerability

Asseco mMedica is a medical information management system from Asseco Poland. A security vulnerability exists in Asseco mMedica versions prior to 11.9.5, which stems from the fact that an unauthenticated user can bypass the authentication mechanism by leveraging the mmBackup application, which ma...

CVSS 9.3 | AI score 6.5 | EPSS 0.00482
Exploits: 0 | References: 3

NVD
added 2025/10/27 10:15 p.m. | 7 views

CVE-2025-62261

Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 34, and older unsupported versions stores password reset tokens in plain text, which allows attackers with access to the database to...

CVSS 6.9 | EPSS 0.00207
Exploits: 0 | References: 1

OSV
added 2025/10/27 10:15 p.m. | 5 views

CVE-2025-62261

Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 34, and older unsupported versions stores password reset tokens in plain text, which allows attackers with access to the database to...

CVSS 6.5 | AI score 6.6 | EPSS 0.00207
Exploits: 0 | References: 1

Vulnrichment
added 2025/10/27 9:11 p.m. | 1 view

CVE-2025-62261

Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 34, and older unsupported versions stores password reset tokens in plain text, which allows attackers with access to the database to...

CVSS 6.9 | AI score 6.6 | EPSS 0.00207
Exploits: 0 | References: 1

CVE
added 2025/10/27 9:11 p.m. | 10 views

CVE-2025-62261

Summary of CVE-2025-62261 (Liferay Portal / Liferay DXP) Affected products/versions (per connected sources): Liferay Portal 7.4.0–7.4.3.99 and older unsupported versions; Liferay DXP 2023.Q3.1–2023.Q3.4; 7.4 GA through update 92; 7.3 GA through update 34. Root cause and impact: Password reset tok...

CVSS 6.9 | AI score 6.6 | EPSS 0.00207
Exploits: 0 | References: 1 | Affected Software: 2

Positive Technologies
added 2025/10/24 12:0 a.m. | 3 views

PT-2025-43587

Name of the Vulnerable Software and Affected Versions RapidResult plugin for WordPress versions up to and including 1.2 Description The RapidResult plugin for WordPress is susceptible to SQL Injection due to insufficient escaping of user-supplied input and inadequate preparation of existing SQL...

CVSS 6.5 | AI score 6.7 | EPSS 0.00271
Exploits: 0 | References: 6

Hacker One
added 2025/10/22 9:18 p.m. | 17 views

Revive Adserver: Error-Based & Time-Based SQL Injection in 'keyword' Parameter of admin-search.php Allowing Full Database Access in Revive Adserver v6.0.0

==Cricetinae== Summary: A critical SQL Injection vulnerability has been identified in Revive Adserver's administrative search functionality, specifically in the admin-search.php file. The vulnerability exists in the handling of the keyword GET parameter, which is passed to multiple database queri...

CVSS 8.8 | AI score 9.1 | EPSS 0.00964
Exploits: 1

NVD
added 2025/10/20 9:15 a.m. | 6 views

CVE-2025-41028

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...

CVSS 9.3 | EPSS 0.00429
Exploits: 0 | References: 1

Cvelist
added 2025/10/20 9:0 a.m. | 9 views

CVE-2025-41028 SQL injection in Epsilon RH

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...

CVSS 9.3 | EPSS 0.00429
Exploits: 0 | References: 1

EUVD
added 2025/10/20 9:0 a.m. | 3 views

EUVD-2025-35043

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...

CVSS 9.3 | AI score 7.4 | EPSS 0.00429
Exploits: 0 | References: 2

Vulnrichment
added 2025/10/20 9:0 a.m. | 5 views

CVE-2025-41028 SQL injection in Epsilon RH

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...

CVSS 9.3 | AI score 7.5 | EPSS 0.00429
Exploits: 0 | References: 1

EUVD
added 2025/10/20 5:32 a.m. | 4 views

EUVD-2025-35035

ETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions vulnerability. A low-privileged user with access to the management server may obtain database credentials, potentially allowing execution of OS commands with administrator privileges...

CVSS 8.8 | AI score 6.7 | EPSS 0.0017
Exploits: 0 | References: 4

CVE
added 2025/10/18 6:42 a.m. | 17 views

CVE-2025-10187

CVE-2025-10187 concerns the GSpeech TTS – WordPress Text To Speech Plugin. Wordfence reports an SQL injection via the field parameter in all versions up to 3.17.13, enabling authenticated users with Administrator-level access (and above) to inject additional SQL into existing queries to extract d...

CVSS 4.9 | AI score 6.2 | EPSS 0.00374
Exploits: 0 | References: 3

CNNVD
added 2025/10/17 12:0 a.m. | 3 views

ChanCMS SQL injection vulnerability

ChanCMS is a content management system. A SQL injection vulnerability exists in ChanCMS 3.3.2 and earlier versions, which originates from the lack of validation of external SQL statements in the function findField in the file /cms/article/findField. An attacker can exploit this vulnerability to...

CVSS 7.2 | AI score 8.1 | EPSS 0.00575
Exploits: 1 | References: 6

NVD
added 2025/10/16 8:15 a.m. | 3 views

CVE-2025-41019

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticketdetail'...

CVSS 9.3 | EPSS 0.00348
Exploits: 0 | References: 1

OSV
added 2025/10/16 8:15 a.m. | 4 views

CVE-2025-41018

SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'cat' parameter in '/public.php'...

CVSS 9.8 | AI score 5.8 | EPSS 0.00416
Exploits: 0 | References: 1

CVE
added 2025/10/16 7:56 a.m. | 10 views

CVE-2025-41019

The CVE-2025-41019 entry affects Sergestec’s SISTICK v7.2, where a SQL injection vulnerability exists in the /index.php?view=ticket_detail endpoint via the id parameter. The underlying flaw allows an unauthenticated attacker to retrieve, create, update, or delete databases through this parameter,...

CVSS 9.3 | AI score 7.5 | EPSS 0.00348
Exploits: 0 | References: 1