CVE-2026-4306
CVE-2026-4306 affects the WP Job Portal plugin for WordPress. It is a SQL Injection in the radius parameter in all versions up to 2.4.8 caused by insufficient escaping and lack of proper query preparation, enabling unauthenticated attackers to append SQL to existing queries and potentially extrac...
CVE-2026-4612
A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the file /hotel/admin/modusers/index.php?view=edit&id=8 of the component Parameter Handler. The manipulation of the argument accountid leads to sql injection. Remote exploitation of t...
EUVD-2026-14516
MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL...
GHSA-PHRQ-PC6R-F6GH MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL
Mantis Bug Tracker instances running on MySQL and compatible databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of improper type checking on the password parameter. Other database backends are not affected, as they do not perform implicit type conversion...
CVE-2026-33548
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
CVE-2026-30849 MantisBT SOAP API has an authentication bypass vulnerability on MySQL
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of improper type checking on the password parameter. Other database backends are not...
CVE-2026-30849
The CVE affects MantisBT (open source issue tracker) prior to version 2.28.1 when run on MySQL databases. It enables an authentication bypass via the SOAP API due to improper type checking on the password parameter, allowing an attacker who knows a victim’s username to log in without the password...
WordPress Fonts Manager | Custom Fonts plugin <= 1.2 - Unauthenticated SQL Injection via fmcfIdSelectedFnt parameter vulnerability
Unauthenticated SQL Injection via fmcfIdSelectedFnt parameter vulnerability discovered by Tarcísio Luchesi De Almeida Silva Poystick in WordPress Plugin Fonts Manager | Custom Fonts versions <= 1.2...
CVE-2026-33723 AVideo Vulnerable to SQL Injection in Subscribe Endpoint via Unsanitized user_id Parameter in subscribe.php
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the Subscribe::save method in objects/subscribe.php concatenates the $this->users_id property directly into an INSERT SQL query without sanitization or parameterized binding. This property originates from...
CVE-2026-33723
WWBN AVideo vulnerable to SQL Injection in Subscribe endpoint (Subscribe::save). In versions up to 26.0, Subscribe::save() builds an INSERT query by directly concatenating $this->users_id (derived from $_POST['user_id'] in subscribe.json.php and subscribeNotify.json.php) without sanitization o...
SQL Injection: Hibernate
Overview Affected versions of this package are vulnerable to SQL Injection: Hibernate in the EruptDataQuery function of the MCP Tool Interface. An attacker can execute unauthorized SQL commands by manipulating input data processed by the application. Remediation Upgrade xyz.erupt:erupt-ai to...
CVE-2026-33681
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...
CVE-2026-33681 AVideo has Path Traversal in pluginRunDatabaseScript.json.php Enables Arbitrary SQL File Execution via Unsanitized Plugin Name
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...
CVE-2026-33681
WWBN AVideo (versions up to 26.0) has a path traversal flaw in the objects/pluginRunDatabaseScript.json.php endpoint. An authenticated admin (or an attacker via CSRF) can pass a name parameter via POST, which is handed to Plugin::getDatabaseFileName() without proper sanitization and allows readin...
CVE-2026-33651 AVideo has a Blind SQL Injection in Live Schedule Reminder via Unsanitized live_schedule_id in Scheduler_commands::getAllActiveOrToRepeat()
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the remindMe.json.php endpoint passes $_REQUEST['live_schedule_id'] through multiple functions without sanitization until it reaches Scheduler_commands::getAllActiveOrToRepeat, which directly concatenates it into a SQL...
CVE-2026-33651
WWBN AVideo contains a Blind SQL Injection in the remindMe.json.php flow for versions up to 26.0. The vulnerability arises when $_REQUEST['live_schedule_id'] is passed through multiple functions without sanitization and is then concatenated into a SQL LIKE by Scheduler_commands::getAllActiveOrToR...
EUVD-2026-14475
A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. It is possibl...