Simple forum forum1.php file SQL Injection Vulnerability
Simple forum is a simple forum. Simple forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter File in the file /forum1.php. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...
CVE-2025-4381
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘$id’ variable of the getSpace function in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2025-6739
The WPQuiz plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'wpquiz' shortcode in all versions up to, and including, 0.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2025-1708
The application is vulnerable to SQL injection attacks. An attacker is able to dump the PostgreSQL database and read its content...
code-projects Car Rental System Security Vulnerability
Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uname in the file /login.php. An attacker can exploit this vulnerability to execute illegal SQL...
CVE-2025-0966
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
Car Rental System message_admin.php File SQL Injection Vulnerability
Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the message_admin.php file's parameter Message. An attacker can use this vulnerability to execute illegal SQL commands...
Online Shoe Store admin_feature.php File SQL Injection Vulnerability
Online Shoe Store is an online shoe store system. Online Shoe Store suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter productcode in the file /admin/admin_feature.php. An attacker can exploit this...
Simple Online Hotel Reservation System delete_room.php File SQL Injection Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter roomid in the file...
PT-2025-26807 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue allows a remote attacker to send specially crafted SQL statements, which could enable the attacker to view, add, modify, or delete information in the back-end database. Thi...
CVE-2025-6513
Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it...
CVE-2025-6513 BRAIN2 Configuration file for database access not sufficiently secured
Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it...
CVE-2025-6513
CVE-2025-6513 affects BRAIN2: a vulnerability where standard Windows users can access and decrypt the database-access configuration file. Technical details across connected sources indicate the issue stems from insufficient protection of the configuration file storing database credentials, enabli...
Code-Projects Inventory Management System Security Vulnerability
Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of the editCategoriesName parameter in the /phpaction/editCategories.php file for externally entered SQL statements. An...
PT-2025-26594 · Brain2 · Brain2
Name of the Vulnerable Software and Affected Versions: BRAIN2 versions 0.0 through 3.05 Description: The configuration file for database access of the BRAIN2 application is not sufficiently secured, allowing standard Windows users to access and decrypt it. This issue is related to the storage of...
Code-Projects Online Bidding System Injection Vulnerability
Online Bidding System is an online bidding system. Online Bidding System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID in the file /bidlog.php. An attacker can exploit this vulnerability to execute...
BP Monitoring Management System registration.php file SQL Injection Vulnerability
BP Monitoring Management System is a BP monitoring management system. BP Monitoring Management System suffers from a SQL injection vulnerability that originates from improper filtering of the emailid parameter in the registration.php file. An attacker can exploit this vulnerability by manipulatin...
PT-2025-26426 · WordPress · Iqonic Design Wp Roadmap
Name of the Vulnerable Software and Affected Versions: Iqonic Design WP Roadmap versions through 2.1.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...