8980 matches found

EUVD (added 2026/05/17 12:11 p.m., 7 views)

EUVD-2018-21840

Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the myeventsid parameter. Attackers can send GET requests to the eventadd.php page with malicious myeventsid values to extract o...

CVSS 7.1 | AI score 5.9 | EPSS 0.0001
Exploits: 0 | References: 3
EUVD (added 2026/05/14 12:30 p.m., 8 views)

EUVD-2026-30268

Stored Cross-Site Scripting (XSS) in Stel Order v3.25.1 and earlier, located at the ‘/app/FrontController’ endpoint via the ‘legalName’ and ‘employeeID’ parameters. The lack of proper input sanitization allows an attacker to inject malicious code that is persistently stored in the database. When...

CVSS 5.1 | AI score 5.8 | EPSS 0.00062
Exploits: 0 | References: 1
CNNVD (added 2026/05/14 12:00 a.m., 5 views)

Comarch ERP Optima trust management vulnerability

Comarch ERP Optima is an ERP and financial management system for small and medium-sized enterprises developed by the Polish company Comarch. Versions of Comarch ERP Optima prior to 2026.4 contained a vulnerability related to trust management. This vulnerability stemmed from the use of hard-coded...

CVSS 8.7 | AI score 5.9 | EPSS 0.00068
Exploits: 0 | References: 1
EUVD (added 2026/05/13 6:30 p.m., 7 views)

EUVD-2026-29896

Successful exploitation of the SQL injection vulnerability could allow a remote authenticated attacker to execute arbitrary commands via a specific interface, potentially enabling the attacker to access, modify, or delete sensitive information within the database...

CVSS 7.2 | AI score 6 | EPSS 0.00113
Exploits: 0 | References: 2
CVE (added 2026/05/13 3:16 a.m., 9 views)

CVE-2026-6888

CVE-2026-6888 describes an SQL injection that could allow a remote authenticated attacker to execute arbitrary commands via a specific interface, potentially accessing, modifying, or deleting sensitive data in the database. The CVSS 3.1 vector is AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H with a base sc...

CVSS 7.2 | AI score 6 | EPSS 0.00113
Exploits: 0 | References: 1
ATTACKERKB (added 2026/05/08 3:38 a.m., 3 views)

CVE-2026-42208

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An...

CVSS 9.3 | AI score 6 | EPSS 0.6259
Exploits: 5 | References: 3 | Affected Software: 1
Tenable Nessus (added 2026/05/07 12:00 a.m., 5 views)

FreeBSD : MongoDB Server -- Multiple vulnerabilities (67e31a04-49fa-11f1-9b23-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 67e31a04-49fa-11f1-9b23-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-119981 reports: Tenable has extracted the preceding...

CVSS 7.5 | AI score 5.8 | EPSS 0.00072
Exploits: 0 | References: 5
Snyk (added 2026/05/04 9:27 p.m., 6 views)

Arbitrary Code Injection

Overview: Affected versions of this package are vulnerable to Arbitrary Code Injection via the restore process. An attacker can execute arbitrary OS commands by uploading a crafted backup archive that overwrites the application's configuration file and database, injecting malicious commands into t...

CVSS 9.8 | AI score 6 | EPSS 0.00344
Exploits: 1 | References: 2
OSV (added 2026/04/17 7:16 p.m., 2 views)

UBUNTU-CVE-2026-28214

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVSS 6.5 | AI score 5.8 | EPSS 0.00072
Exploits: 1 | References: 3
Debian CVE (added 2026/04/17 6:05 p.m., 3 views)

CVE-2026-28212

Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an opslice network packet, the server passes an unprepared structure containing a null pointer to the SDLinfo function, resulting in a null pointer dereference an...

CVSS 7.5 | AI score 5.3 | EPSS 0.00072
Exploits: 1
Positive Technologies (added 2026/04/10 12:00 a.m., 5 views)

PT-2026-31927

PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php...

AI score 5.9 | EPSS 0.00044
Exploits: 0 | References: 2
EUVD (added 2026/04/08 9:33 p.m., 0 views)

EUVD-2026-20529

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.9. This is due to missing or incorrect nonce validation on the 'vszcf7savesettingcallback' function. This makes it possible for unauthenticated attackers to...

CVSS 5.4 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 4
ATTACKERKB (added 2026/04/08 5:04 p.m., 1 view)

CVE-2026-32590

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...

CVSS 8.8 | AI score 6.2 | EPSS 0.00186
Exploits: 0 | References: 9
CVE (added 2026/04/05 8:45 p.m., 4 views)

CVE-2019-25704

Kados R10 GreenBee is affected by CVE-2019-25704, an SQL injection vulnerability in the filter_user_mail parameter that allows attackers to manipulate database queries. This can enable extracting sensitive information or modifying data. The available documents do not specify affected versions, ro...

CVSS 9.1 | AI score 6 | EPSS 0.00042
Exploits: 1 | References: 4 | Affected Software: 1
EUVD (added 2026/04/03 9:33 p.m., 4 views)

EUVD-2026-18868

Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the four date filter parameters fmindateavailable, fmaxdateavailable, fmindatecreated, fmaxdatecreated in wsstdimagesqlfilter are concatenated directly into SQL without any escaping or type validation. This...

CVSS 8.7 | AI score 5.8 | EPSS 0.00036
Exploits: 1 | References: 3
OSV (added 2026/04/02 6:42 p.m., 2 views)

GO-2026-4914 Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database in github.com/fleetdm/fleet

Fleet's Apple MDM profile delivery has second-order SQL Injection that can compromise the database in github.com/fleetdm/fleet...

CVSS 8.6 | AI score 5.9 | EPSS 0.00009
Exploits: 0 | References: 2
CNNVD (added 2026/04/02 12:00 a.m., 2 views)

OpenSTAManager security vulnerability

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to 2.10.2 contained security vulnerabilities. These vulnerabilities stemmed from a lack of validation in the database conflict resolution function, whic...

CVSS 8.8 | AI score 6.1 | EPSS 0.00039
Exploits: 1 | References: 3
Positive Technologies (added 2026/04/01 12:00 a.m., 2 views)

PT-2026-29657

Name of the Vulnerable Software and Affected Versions: OpenSTAManager versions prior to 2.10.2. Description: OpenSTAManager is vulnerable to Time-Based Blind SQL Injection through the optionsstato GET parameter in multiple AJAX select handlers. The user-supplied value from optionsstato is directly...

CVSS 8.8 | AI score 6 | EPSS 0.00017
Exploits: 1 | References: 10
Cvelist (added 2026/03/23 12:59 p.m., 23 views)

CVE-2025-41008 SQL Injection in Sinturno

SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/adm/scripts/modalReportdata.php' endpoint...

CVSS 9.3 | EPSS 0.00045
Exploits: 0 | References: 1
OSV (added 2026/03/20 8:48 p.m., 3 views)

GHSA-FR9J-6MVQ-FRCV Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys.

Summary: The sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash before a single quote to neutralize the escaping, breaking out of the JSON path...

CVSS 8.1 | AI score 6.1 | EPSS 0.00034
Exploits: 1 | References: 3