Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

81910 matches found

OSV
OSVadded 2026/05/24 12:20 a.m.3 views

OSV-2026-806 Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=515796208 Crash type: Security exception Crash state: com.codeintelligence.jazzer.sanitizers.RegexInjection.hookInternal com.codeintelligence.jazzer.sanitizers.RegexInjection.patternHook...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/24 12:0 a.m.8 views

PT-2026-42924

A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument social linked can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be us...

7.5CVSS6.9AI score0.00037EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/23 10:15 p.m.7 views

EUVD-2026-31554

A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. Impacted is an unknown function of the file /admin/patients/viewhistory.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has be...

6.5CVSS6.5AI score0.00031EPSS
Exploits0References5
NVD
NVDadded 2026/05/23 7:16 p.m.11 views

CVE-2018-25351

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...

8.8CVSS0.0009EPSS
Exploits0References4
NVD
NVDadded 2026/05/23 7:16 p.m.7 views

CVE-2018-25342

Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in search.php. Attackers can send GET requests with malicious SQL payloads like SLEEP commands to extract...

8.8CVSS0.0009EPSS
Exploits0References4
NVD
NVDadded 2026/05/23 7:16 p.m.9 views

CVE-2018-25341

Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to product.php with union-based SQL injection payloads in the id parameter to extract...

8.8CVSS0.0009EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/23 6:30 p.m.7 views

CVE-2018-25352

WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the entryid POST parameter. Attackers can send POST requests to the admin-ajax.php endpoint...

7.1CVSS5.9AI score0.00027EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/23 6:30 p.m.25 views

CVE-2018-25351 Joomla! Component EkRishta 2.10 SQL Injection via username

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...

8.8CVSS0.0009EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/23 6:30 p.m.8 views

EUVD-2018-21873

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4
CVE
CVEadded 2026/05/23 6:30 p.m.30 views

CVE-2018-25351

CVE-2018-25351 affects Joomla! Component EkRishta 2.10. The connected documents describe an error-based SQL injection in the username parameter that allows unauthenticated attackers to execute arbitrary SQL queries by sending POST requests to the login endpoint, leaking database information inclu...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/23 6:30 p.m.9 views

CVE-2018-25351

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/23 6:30 p.m.11 views

CVE-2018-25351 Joomla! Component EkRishta 2.10 SQL Injection via username

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads ...

8.8CVSS6.2AI score0.0009EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/23 6:30 p.m.5 views

CVE-2018-25348 Joomla! Component Ek Rishta 2.10 SQL Injection via user_detail

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS5.9AI score0.0009EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/23 6:30 p.m.5 views

CVE-2018-25348

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the userdetail view with malicious cid values containing SQL commands t...

8.8CVSS5.9AI score0.0009EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/23 6:30 p.m.3 views

CVE-2018-25346

WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMapping and generetecsv actions. Attackers can submit POST requests with malicious SQL payloads in t...

7.1CVSS5.9AI score0.00029EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/23 6:30 p.m.5 views

CVE-2018-25347

WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generetecsvfmc AJAX actions. Attackers can inject malicious SQL code via the 'name' and 'searchlabels' parameter...

7.1CVSS5.9AI score0.00027EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/23 6:30 p.m.6 views

CVE-2018-25342 Smartshop 1 SQL Injection via search.php

Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in search.php. Attackers can send GET requests with malicious SQL payloads like SLEEP commands to extract...

8.8CVSS5.9AI score0.0009EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/23 6:30 p.m.5 views

EUVD-2018-21864

Smartshop 1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'searched' parameter in search.php. Attackers can send GET requests with malicious SQL payloads like SLEEP commands to extract...

8.8CVSS5.9AI score0.0009EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/23 6:30 p.m.8 views

EUVD-2018-21862

Smartshop 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to product.php with union-based SQL injection payloads in the id parameter to extract...

8.8CVSS6.1AI score0.0009EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/23 12:0 a.m.7 views

PT-2026-43096

Name of the Vulnerable Software and Affected Versions Dolibarr ERP CRM version 7.0.3 Description Unauthenticated attackers can achieve remote code execution by injecting PHP code through the db name parameter. This is performed by sending a POST request to the 'install/step1.php' endpoint...

9.8CVSS6.4AI score0.0061EPSS
Exploits1References7
Rows per page
Query Builder